Pick and then use a better naming convention for CloudWatch logs than is present currently

[obscurerichard]

In the ticket where we originally added CloudWatch we used these CloudWatch log group names, which are short, but don't group well or show up together when you go into the CloudWatch console.

Original CloudWatch Log Group Names

Put in a syslog log group:

/var/log/boot.log
/var/log/cron
/var/log/messages
/var/log/dmesg
/var/log/secure
/var/log/spooler
/var/log/maillog

Put in an package-updates log group:

/var/log/yum.log

Put in an selinux log group:

/var/log/audit/audit.log

NGINX nginex-access

/var/log/nginx/access.log

NGINX nginex-error

/var/log/nginx/error.log

We should research and take some inspiration from other CloudWatch log groups seen in the wild, such as:

/aws/greengrass/Lambda/us-east-1/976851222302/deeplens-face-detection
/aws/codebuild/capsule-andycapsuletest-ci-capsule-andycapsuletest-ci

Considerations for renaming them

The log groups get dynamically created so all we have to do is edit the config.json file, run packer, and apply terraform to have the new names take effect.

Resources

• https://confluence.huit.harvard.edu/display/CLA/Cloud+Resource+Naming+Conventions#CloudResourceNamingConventions-CloudWatchLogGroups
• https://www.reddit.com/r/aws/comments/bzs0dy/naming_conventions_for_cloudwatch_groups/
• https://stackoverflow.com/questions/42630232/is-it-possible-to-rename-an-aws-cloudwatch-log-group