Triage AWS CloudWatch Unused Log Stream LOG_STREAM_UNUSED_FOR_TOO_LONG
Quick Links
- Configure AWS CloudWatch Unused Log Stream
- Use Case for AWS CloudWatch Unused Log Stream
- Triage Guides by Violation Type
Triage Guide for LOG_STREAM_UNUSED_FOR_TOO_LONG
0) Understand
Unused log streams lead to unnecessary storage costs. Identifying and removing these log streams helps in cost optimization.
1) Validate
To manually validate, navigate to the CloudWatch console, select the log group, and review the lastIngestionTime
of the log streams. The policy runs daily but relies on the latest available data.
2) Triage
Leaving log streams unused can lead to escalating storage costs. In most cases, deleting unused log streams should not impact other services, but always validate against potential need for audits.
3) Act
- Review the log streams identified by the policy.
- Use the CloudWatch console or AWS CLI commands to delete unused log streams.
4) Reflect
If this policy generated unnecessary alerts, consider adjusting the cloudwatch_log_stream_age_max_days
variable to a more suitable threshold or disable the policy if it doesn't fit your use case.