Amazon CloudWatch Log group — Infrequent Access — Effective cost reduction
In 2023 re:invent AWS unveiled a new feature which is Amazon CloudWatch loggroup infrequent access. The basic
Features
1. Ingression Cost — Generally if basic features of Amazon CloudWatch log group are used, the Amazo CloudWatch ingress(how much log is ingested to cloudwatch) cost contributes to 60% to 80% cost. This cost has been reduced by 50%. So in the applicable usecases, the cloudwatch loggroup cost has potential to come down by 30% to 40%.
CloudWatch Logs Infrequent Access offers a cost-effective option for log storage, but its limited capabilities make it suitable for specific use cases.
This logs can be used once the product is stabilized and there is less requirements for logs retrievals. This has to be noted that team has to be trained to refer to logs using the insights query for which they should have good control over the logs parameters. This log doesn’t support the alarms and other notifications.
Use-cases:-
1. Application Log: This is particularly useful in non-prod Amazon CloudWatch log group where only basic features are mostly used.
2. Application Log: If the advanced features are not used in production, this can be used for production log group also.
3. VPC flow logs can be stored in a CloudWatch Logs Infrequent Access log group. This can be also a cost-effective option for logs are mostly used infrequently for compliance requirements or ad-hoc forensic analysis.
4. Security logs: Infrequent access is sufficient for logs like intrusion detection system (IDS) or firewall alerts that need to be retained for compliance purposes but rarely access actively.
5. Access logs(S3, ELB, Cloudfront etc.): Store user login attempts or resource access logs for compliance requirements if ingested to cloudwatch loggroup.
Cost:- If cloudwatch loggroup costs .50$/GB cloudwatch infrequent access costs 0.25$/GB.
Not applicable:-
a. Infrequent access doesn’t support real-time monitoring features like dashboards and alarms.
b. Metric filters are unavailable.
c. Retrieval costs are higher compared to Standard, so frequent querying can negate the cost benefits.
d. Subscription filter logic is not applicable
e. Log anomalies can’t be tracked
How to implement:-
The Amazon CloudWatch log group infrequent access can be created while creating new log group. However, it has to be kept in mind that existing standard loggroup can’t be switched to cloudwatch infrequent access group or vice-versa.
If any existing log group has to be switched to infrequent access group, then new Amazon CloudWatch infrequent access group has to be created and attached to existing container(EC2, fargate etc.).
Image is taken from personal aws account
Disclaimer:- The Lego model is created by AI — Aadriti’s(My daughter) Intuition. We promise to learn and create better model(in cloud and Lego).
