Study Guides/AWS Cybersecurity Notes/CloudWarch: Difference between revisions

From Cramsession
Verified Author: Mflavell

Revision as of 00:50, 4 June 2026

CloudWatch

CloudWatch collects logging information and metrics.

Logs can come from EC2 instances (via the agent), Route 53 (query logs), CloudTrail (trail events delivered to CloudWatch Logs) and many other services.
It is the standard way in AWS to monitor services.


CloudWatch Metrics:

  • Built-in monitoring and reporting for AWS services.
  • Alarms can be created on a metric and published to SNS topics.
  • Graphical dashboards can be built from metrics.


What can CloudWatch be used for?

  • Monitoring log data.
  • Metric filters that turn matching log events into metrics.
  • Threshold alarms - fire when a metric crosses a threshold within a period, e.g. 4 or more failed logins in five minutes.
  • Notifications - CloudWatch can publish SNS notifications.


CloudWatch alarms can:

  • Notify using SNS.
  • Trigger automated actions, for example an Auto Scaling action that adds EC2 instances, or an EC2 action such as stopping, rebooting or recovering the instance.
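The metric filter and threshold alarm described above, emulated offline as an added example (this is not code from the original notes or from AWS). The filter pattern and alarm settings are the values you would hand to put_metric_filter and put_metric_alarm; here they are evaluated locally over constructed CloudTrail-style ConsoleLogin log events. Only the `$.path = "value"` terms joined by `&&` from the JSON filter syntax are implemented, and the alarm is approximated as a Sum over aligned 300-second periods.

```python
"""Offline emulation of a CloudWatch Logs metric filter plus a threshold alarm.

Added example, not code from the original notes or from AWS. The pattern and
alarm settings mirror put_metric_filter / put_metric_alarm arguments; the log
events are constructed sample data.
"""
import json
import re
from collections import Counter
from datetime import datetime, timezone

# Filter pattern in CloudWatch Logs JSON filter syntax: a CloudTrail
# ConsoleLogin record whose responseElements.ConsoleLogin is "Failure".
FAILED_LOGIN_PATTERN = (
    '{ ($.eventName = "ConsoleLogin") && ($.responseElements.ConsoleLogin = "Failure") }'
)

# Alarm settings: Sum of the metric over each 300 s period, alarm at >= 4.
ALARM = {"period_seconds": 300, "threshold": 4}

_TERM = re.compile(r'\(?\s*\$\.([\w.]+)\s*=\s*"([^"]*)"\s*\)?')


def parse_pattern(pattern):
    """Split a '{ ... && ... }' pattern into a list of (json_path, value) terms."""
    body = pattern.strip().strip("{}")
    terms = []
    for part in body.split("&&"):
        match = _TERM.fullmatch(part.strip())
        if match is None:
            raise ValueError(f"unsupported filter term: {part.strip()!r}")
        terms.append((match.group(1), match.group(2)))
    return terms


def _lookup(doc, path):
    """Walk a dotted JSON path; None when any key is missing."""
    for key in path.split("."):
        if not isinstance(doc, dict) or key not in doc:
            return None
        doc = doc[key]
    return doc


def event_matches(pattern, message):
    """True when the log event's message is JSON and satisfies every term."""
    try:
        doc = json.loads(message)
    except ValueError:
        return False  # non-JSON lines never match a JSON filter pattern
    return all(_lookup(doc, path) == value for path, value in parse_pattern(pattern))


def evaluate_alarm(log_events, pattern=FAILED_LOGIN_PATTERN, alarm=ALARM):
    """Count matching events per aligned alarm period.

    Returns {period_start_iso: (count, in_alarm)} for periods with >= 1 match.
    """
    period = alarm["period_seconds"]
    counts = Counter()
    for event in log_events:
        if event_matches(pattern, event["message"]):
            counts[(event["timestamp"] // 1000) // period * period] += 1
    return {
        datetime.fromtimestamp(start, tz=timezone.utc).isoformat(): (n, n >= alarm["threshold"])
        for start, n in sorted(counts.items())
    }


def _ms(iso_utc):
    """Epoch milliseconds for an ISO-8601 UTC timestamp ending in 'Z'."""
    return int(datetime.fromisoformat(iso_utc.replace("Z", "+00:00")).timestamp() * 1000)


def _login(time, outcome, user):
    """Constructed CloudTrail-style ConsoleLogin record as a log event (sample data)."""
    record = {"eventTime": time, "eventName": "ConsoleLogin",
              "userIdentity": {"userName": user},
              "responseElements": {"ConsoleLogin": outcome}}
    return {"timestamp": _ms(time), "message": json.dumps(record)}


# Constructed log stream: four failures in the 12:00-12:05 period, one success,
# one non-JSON line, and one failure in the following period.
SAMPLE_LOG_EVENTS = [
    _login("2024-05-01T12:00:10Z", "Failure", "alice"),
    _login("2024-05-01T12:00:55Z", "Failure", "alice"),
    _login("2024-05-01T12:01:40Z", "Failure", "alice"),
    _login("2024-05-01T12:02:05Z", "Success", "bob"),
    {"timestamp": _ms("2024-05-01T12:02:30Z"),
     "message": "sshd[4242]: Failed password for root from 203.0.113.9"},
    _login("2024-05-01T12:03:20Z", "Failure", "alice"),
    _login("2024-05-01T12:07:30Z", "Failure", "carol"),
]

if __name__ == "__main__":
    for start, (count, in_alarm) in evaluate_alarm(SAMPLE_LOG_EVENTS).items():
        print(f"{start}: {count} failed logins -> {'ALARM' if in_alarm else 'OK'}")
```

The first period reaches exactly the threshold of 4 and goes into ALARM; the success event and the plain-text sshd line do not count, and the single failure at 12:07 lands in the next period and stays OK. In the real service the same pattern is attached to the log group as a metric filter, and the alarm is created on the resulting custom metric with Statistic=Sum, Period=300 and ComparisonOperator=GreaterThanOrEqualToThreshold.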


CloudWatch Logs

Some terminology:

  • Filter pattern - Defines which log events match. Used by metric filters (to count matches or extract values into a metric) and by subscription filters (to decide which events are forwarded to a destination).
  • Log events - The log data itself: a timestamp plus a raw UTF-8 message.
  • Log streams - A sequence of log events from the same source, for example one file on one instance. Each event is normally one line of the file.
  • Log groups - A container for log streams that share the same retention, monitoring and access-control settings. There is no limit on how many log streams a group can hold.
  • Retention settings - How long events are kept before they are deleted, set per log group.
By default logs never expire, so storage cost keeps growing.
You can set a retention period from 1 day to 10 years and older events are deleted automatically.


CloudWatch Agent on EC2

The agent ships operating-system level metrics (memory, disk) and log files from an EC2 instance, which the built-in EC2 metrics do not cover.


  • Two IAM roles are required, one for each direction of communication:

  • First role (attached to the EC2 instance): lets the agent put metrics and log events into CloudWatch. AWS ships the managed policy CloudWatchAgentServerPolicy for exactly this.
EC2 --> CloudWatch

  • Second role: handles communication with the Systems Manager service, so the agent configuration file can be stored in Parameter Store and distributed to instances. The managed policies involved are CloudWatchAgentAdminPolicy (write the configuration) and AmazonSSMManagedInstanceCore (let Systems Manager manage the instance).
Systems Manager --> EC2

If you are rolling out a uniform fleet of EC2 instances this second role is critical: every instance pulls the same configuration from Parameter Store instead of being configured by hand.
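As an added example of the configuration file that the second role lets you distribute (this is not from the original notes; the log group name, stream name and retention value are assumptions), a minimal agent configuration that ships /var/log/secure and memory usage:

```json
{
  "agent": {
    "metrics_collection_interval": 60,
    "run_as_user": "cwagent"
  },
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          {
            "file_path": "/var/log/secure",
            "log_group_name": "/ec2/auth",
            "log_stream_name": "{instance_id}",
            "retention_in_days": 90
          }
        ]
      }
    }
  },
  "metrics": {
    "append_dimensions": {
      "InstanceId": "${aws:InstanceId}"
    },
    "metrics_collected": {
      "mem": {
        "measurement": ["mem_used_percent"]
      }
    }
  }
}
```

Stored as a Systems Manager Parameter Store parameter, this is loaded on an instance with `amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c ssm:<parameter-name> -s`, which is what makes the second role (and the instance's own SSM permission) necessary. The `retention_in_days` setting creates the log group with a retention policy, so the "logs never expire" default is avoided from the start.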


Installing the Agent on EC2