CloudWatch Logs organizes log data into a hierarchical structure consisting of Log Groups and Log Streams.
Log Groups :
- Containers: Log Groups are containers that hold one or more Log Streams.
- Organization: They are used to group related Log Streams, such as all logs from a specific application, service, or environment.
- Shared Settings: Log Groups can have shared settings, including retention policies, monitoring subscriptions, and access control.
Log Streams :
- Sequences of Events: Log Streams are sequences of log events that share the same source.
- Sources: Each source of logs in CloudWatch Logs makes up a separate Log Stream. For example, a single EC2 instance running a specific application might have its own Log Stream.
- Within a Group: Log Streams must belong to a Log Group.
Analogy: Imagine a library. The library is like a Log Group, and the bookshelves within the library are like Log Streams. Each bookshelf holds a collection of books (log events) related to a specific topic (application, service, etc.).
Key Points :
- Hierarchy: Log Groups contain Log Streams.
- Organization: Log Groups provide a way to organize and manage related Log Streams.
- Shared Settings: Log Groups can have shared settings that apply to all their Log Streams.
