Viewing SSM Agent logs
AWS Systems Manager Agent (SSM Agent) writes information about executions, commands, scheduled
actions, errors, and health statuses to log files on each managed node. You can view log
files by manually connecting to a managed node, or you can automatically send logs to
Amazon CloudWatch Logs. For more information about sending logs to CloudWatch Logs, see Monitoring AWS Systems Manager.
You can view SSM Agent logs on managed nodes in the following locations.
- Linux and macOS
-
/var/log/amazon/ssm/
- Windows
-
%PROGRAMDATA%\Amazon\SSM\Logs\
For Linux managed nodes, the SSM Agent stderr and
stdout files are written to the following directory:
/var/lib/amazon/ssm/.
For Windows managed nodes, the SSM Agent stderr and
stdout files are written to the following directory:
%PROGRAMDATA%\Amazon\SSM\InstanceData\.
For information about allowing SSM Agent debug logging, see Allowing SSM Agent debug logging.
For more information about cihub/seelog configuration, see the
Seelog Wiki on
GitHub. For examples of cihub/seelog
configurations, see the cihub/seelog
examples repository on GitHub.
Allowing SSM Agent debug logging
Use the following procedure to allow SSM Agent debug logging on your managed
nodes.
- Linux and macOS
-
To allow SSM Agent debug logging on Linux and macOS managed
nodes
-
Either use Session Manager, a capability of AWS Systems Manager, to connect to
the managed node where you want to allow debug logging, or log
on to the managed node. For more information, see Working with Session Manager.
-
Locate the seelog.xml.template
file.
Linux:
On most Linux managed node types, the file is located in the
directory
/etc/amazon/ssm/seelog.xml.template.
On Ubuntu Server 20.10 STR & 20.04, 18.04, and 16.04 LTS,
the file is located in the directory
/snap/amazon-ssm-agent/current/seelog.xml.template.
Copy this file from the
/snap/amazon-ssm-agent/current/ directory to
the /etc/amazon/ssm/ directory before making any
changes.
macOS:
On macOS instance types, the file is located in the
directory /opt/aws/ssm/seelog.xml.template.
-
Change the file name from seelog.xml.template to
seelog.xml.
On Ubuntu Server 20.10 STR & 20.04, 18.04, and 16.04
LTS, the file seelog.xml must be created in the
directory /etc/amazon/ssm/. You can create this
directory and file by running the following commands.
sudo mkdir -p /etc/amazon/ssm
sudo cp -p /snap/amazon-ssm-agent/current/seelog.xml.template /etc/amazon/ssm/seelog.xml
-
Edit the seelog.xml file to change the
default logging behavior. Change the value of
minlevel from info
to debug, as shown in the following
example.
<seelog type="adaptive" mininterval="2000000"
maxinterval="100000000" critmsgcount="500"
minlevel="debug">
-
(Optional) Restart SSM Agent using the following
command.
Linux:
sudo service amazon-ssm-agent restart
macOS:
sudo /opt/aws/ssm/bin/amazon-ssm-agent restart
- Windows
-
To allow SSM Agent debug logging on Windows Server managed nodes
-
Either use Session Manager to connect to the managed node where you
want to allow debug logging, or log on to the managed nodes. For
more information, see Working with Session Manager.
-
Make a copy of the seelog.xml.template
file. Change the name of the copy to
seelog.xml. The file is located in the
following directory.
%PROGRAMFILES%\Amazon\SSM\seelog.xml.template
-
Edit the seelog.xml file to change the
default logging behavior. Change the value of
minlevel from info
to debug, as shown in the following
example.
<seelog type="adaptive" mininterval="2000000"
maxinterval="100000000" critmsgcount="500"
minlevel="debug">
-
Locate the following entry.
filename="{{LOCALAPPDATA}}\Amazon\SSM\Logs\{{EXECUTABLENAME}}.log"
Change this entry to use the following path.
filename="C:\ProgramData\Amazon\SSM\Logs\{{EXECUTABLENAME}}.log"
-
Locate the following entry.
filename="{{LOCALAPPDATA}}\Amazon\SSM\Logs\errors.log"
Change this entry to use the following path.
filename="C:\ProgramData\Amazon\SSM\Logs\errors.log"
-
Restart SSM Agent using the following PowerShell command in
Administrator mode.
Restart-Service AmazonSSMAgent
