Bash Script to Bulk Delete AWS CloudWatch Log Groups


The AWS Management Console does not allow you to bulk delete multiple AWS CloudWatch Log Groups. Use this bash script to bulk delete AWS CloudWatch log groups.

The bash script will do the following:

  • Ask for the AWS region you want to access.
  • List the CloudWatch log groups that it found in the specified AWS region.
  • Ask whether it should delete the listed CloudWatch log groups.
  • Delete each CloudWatch log group, if you enter yes.

How to run the code

This script requires that you install and configure the AWS CLI. See this post for more info. Not running Linux? Then read: how to set up Windows Subsystem for Linux, so you can run this script on Windows! It’s super easy!

First, download the ‘Bash Script to Bulk Delete AWS CloudWatch Log Groups’ script using the following command:

sudo wget https://raw.githubusercontent.com/RepositoriumCodice/Scripts/master/Linux/BulkDeleteLogGroupsInAWS/aws.cloudwatch.loggroups.delete.sh

This script has been tested on Ubuntu 18.04 Server as well as Ubuntu 18.04 running via Windows Subsystem for Linux. Let me know if you have used it on a different platform.

Alternatively, visit the repository here to look at the script in more detail before you download it.

Ensure that the script has execute permissions.

sudo chmod 500 aws.cloudwatch.loggroups.delete.sh

Run the script via bash as root.

sudo ./aws.cloudwatch.loggroups.delete.sh

Example output:

Getting group names...
These log groups will be deleted:
logGroupName
RDSOSMetrics
ap-2a-adonis
ap-2a-adonis/api
ap-2a-adonis/api/5ced914e6e88b
ap-2a-adonis/api/5ced916160eff
Total 324 log groups

Proceed? y
Delete group logGroupName...
Delete group RDSOSMetrics... OK
Delete group ap-2a-adonis... OK
Delete group ap-2a-adonis/api... OK
Delete group ap-2a-adonis/api/5ced914e6e88b... OK
Delete group ap-2a-adonis/api/5ced916160eff... OK

The delete AWS Log Groups bash script will require that you have the AWS CLI tools installed and configured.

The script

You can look at the script in more detail at: https://raw.githubusercontent.com/RepositoriumCodice/Scripts/master/Linux/BulkDeleteLogGroupsInAWS/aws.cloudwatch.loggroups.delete.sh

First, the script asks for your preferred AWS region:

...
read -p "Please enter the AWS region [ap-southeast-2]? " region
region=${region:-ap-southeast-2}
...

The script will then list all the available AWS log groups in the region you specified using the AWS CLI command: aws logs describe-log-groups. Note: You may see some errors if you do not have the appropriate permissions.

...
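echo "Getting group names for $region..."

# Column 6 of the table output is the logGroupName column. The header row
# is matched too, which is why "logGroupName" appears in the example output.
LOG_GROUPS=$(
	aws logs describe-log-groups --output table --region "$region" |
		awk '{print $6}' |
		grep -v '^$' |
		grep -v DescribeLogGroups
)

echo These log groups will be deleted:
# Pass the names as an argument, never as the printf format string.
printf '%s\n' "${LOG_GROUPS}"
echo Total $(wc -l <<<"${LOG_GROUPS}") log groups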
echo
...

The script will then ask whether or not you wish to proceed.

...
while true; do
    read -p "Proceed? [yn]" yn
    case $yn in
    [Yy]*) break ;;
    [Nn]*) exit ;;
    *) echo "Please answer yes or no." ;;
    esac
done
...

Lastly, the script uses the AWS CLI command aws logs delete-log-group to delete every log group it listed.

...
# ${LOG_GROUPS} is left unquoted so word splitting yields one name per iteration.
for name in ${LOG_GROUPS}; do
	printf 'Delete group %s... ' "${name}"
	aws logs delete-log-group --log-group-name "${name}" --region "$region" && echo OK || echo Fail
done

The AWS CLI Commands

The bash script uses the following AWS CLI commands to list and delete all the Cloud Watch Log Groups.

Describe Log Groups:

The bash script runs the following AWS CLI command: aws logs describe-log-groups.

The describe-log-groups command lists all the log groups that it finds in the specified region. You can list all your log groups or filter the results by prefix (with some modification).

You can describe your log groups manually by using the following example. The example describes the log groups whose names start with ‘my-logs’. Use the ‘--region’ option to specify an AWS Region.

aws logs describe-log-groups --log-group-name-prefix my-logs

Delete Log Group:

The bash script runs the delete-log-group AWS CLI command for each log group, once you confirm the deletion.

The delete-log-group command permanently deletes all the archived log events associated with the log group.

You can remove your log groups manually by using the following example. The example removes a log group called ‘my-logs’. Use the ‘--region’ option to specify an AWS Region.

aws logs delete-log-group --log-group-name my-logs

This bash script can be modified easily to support additional use cases. This script was modified based on the delete-log-streams-from-group.sh script provided on GitHub.
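One such modification, added here as an example and not part of the original script: it requires a name prefix, reads the names through --query instead of a table column, skips groups that match a protect-list, and defaults to a dry run. PROTECTED_RE, DRY_RUN and the function names are assumptions of this example, and the protect patterns are placeholders.

```sh
#!/bin/sh
# Added example, not the original script. PROTECTED_RE, DRY_RUN and all
# function names are assumptions of this example.

# Placeholder patterns for log groups that must never be bulk-deleted
# (for example audit trails); adjust to your own naming scheme.
PROTECTED_RE='^(aws-cloudtrail-logs|/aws/cloudtrail)'

# $1 = region, $2 = name prefix. --query returns only the names, so no
# table header or column position is involved.
list_log_groups() {
    aws logs describe-log-groups --region "$1" --log-group-name-prefix "$2" \
        --query 'logGroups[].logGroupName' --output text | tr '\t' '\n'
}

# Drop blank lines and protected groups from the names on stdin.
filter_deletable() {
    awk -v re="$PROTECTED_RE" 'NF && $0 !~ re'
}

# $1 = region; names on stdin. Dry run unless DRY_RUN=0.
# Returns 1 if any deletion failed.
delete_log_groups() {
    rc=0
    while IFS= read -r name; do
        if [ "${DRY_RUN:-1}" != 0 ]; then
            printf 'DRY-RUN would delete %s\n' "$name"
        elif aws logs delete-log-group --region "$1" \
                --log-group-name "$name" </dev/null; then
            printf 'Deleted %s\n' "$name"
        else
            printf 'FAILED %s\n' "$name" >&2
            rc=1
        fi
    done
    return "$rc"
}

# $1 = region, $2 = required name prefix.
bulk_delete() {
    if [ -z "${2:-}" ]; then
        echo "refusing to run without a log group name prefix" >&2
        return 2
    fi
    list_log_groups "$1" "$2" | filter_deletable | delete_log_groups "$1"
}

# Usage: . ./this-file; bulk_delete ap-southeast-2 ap-2a-adonis/
#        DRY_RUN=0 bulk_delete ap-southeast-2 ap-2a-adonis/
```

Review the dry-run listing first, then repeat the same call with DRY_RUN=0 to perform the deletion.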

Hi, my name is Anto! I am a cloud computing hobbyist! Give me anything to do with the cloud, and I am interested. I work for a Cloud computing company by day and as a Cloud computing hobbyist by night! My projects use PHP, NodeJs, Ubuntu, MySQL and of course Amazon Web Services. Hopefully, my blog aids your cloud journey! Feel free to post a comment and share your thoughts.
