Triage AWS CloudWatch Unused Log Stream LOG_STREAM_UNUSED_FOR_TOO_LONG

Quick Links

Configure AWS CloudWatch Unused Log Stream
Use Case for AWS CloudWatch Unused Log Stream
Triage Guides by Violation Type
1. Triage AWS CloudWatch Unused Log Stream LOG_STREAM_UNUSED_FOR_TOO_LONG

Triage Guide for LOG_STREAM_UNUSED_FOR_TOO_LONG

0) Understand

Unused log streams lead to unnecessary storage costs. Identifying and removing these log streams helps in cost optimization.

1) Validate

To manually validate, navigate to the CloudWatch console, select the log group, and review the lastIngestionTime of the log streams. The policy runs daily but relies on the latest available data.

2) Triage

Leaving log streams unused can lead to escalating storage costs. In most cases, deleting unused log streams should not impact other services, but always validate against potential need for audits.

3) Act

Review the log streams identified by the policy.
Use the CloudWatch console or AWS CLI commands to delete unused log streams.

4) Reflect

If this policy generated unnecessary alerts, consider adjusting the cloudwatch_log_stream_age_max_days variable to a more suitable threshold or disable the policy if it doesn't fit your use case.

Triage AWS CloudWatch Unused Log Stream LOG_STREAM_UNUSED_FOR_TOO_LONG

Quick Links​

Triage Guide for LOG_STREAM_UNUSED_FOR_TOO_LONG

0) Understand​

1) Validate​

2) Triage​

3) Act​

4) Reflect​