Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS.
CloudWatch is for performance monitoring (AWS CloudTrail is for auditing).
Used to collect and track metrics, collect and monitor log files, and set alarms.
Automatically react to changes in your AWS resources.
Monitor resources such as:
- AWS EC2 instances.
- Amazon DynamoDB tables.
- Amazon Relational Database Service (Amazon RDS) instances.
- Custom metrics generated by applications and services.
- Any log files generated by your applications.
Gain system-wide visibility into resource utilization.
CloudWatch monitoring includes application performance.
Monitor operational health.
CloudWatch is accessed via API, command-line interface, AWS SDKs, and the AWS Management Console.
CloudWatch integrates with AWS Identity and Access Management (IAM).
Amazon CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application, and custom log files.
CloudWatch Logs can be used for real-time application and system monitoring as well as long-term log retention.
CloudWatch Logs keeps logs indefinitely by default.
CloudTrail logs can be sent to CloudWatch Logs for real-time monitoring.
CloudWatch Logs metric filters can evaluate CloudTrail logs for specific terms, phrases, or values.
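A metric filter over a CloudTrail log group, wired to an alarm and an SNS email notification, shown as a CloudFormation template. This is an added example, not AWS-provided code; the parameter names, metric namespace, metric name and alarm threshold are assumptions chosen for illustration.

```yaml
# Added example: alert on denied API calls recorded by CloudTrail.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  CloudTrailLogGroupName:   # assumption: log group your trail already delivers to
    Type: String
  NotificationEmail:        # assumption: mailbox that should receive the alert
    Type: String
Resources:
  AlertTopic:
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Protocol: email
          Endpoint: !Ref NotificationEmail
  UnauthorizedApiCallsFilter:
    Type: AWS::Logs::MetricFilter
    Properties:
      LogGroupName: !Ref CloudTrailLogGroupName
      # JSON filter pattern: matches CloudTrail records whose errorCode
      # shows the caller was denied.
      FilterPattern: '{ ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }'
      MetricTransformations:
        - MetricNamespace: Example/CloudTrail   # constructed namespace
          MetricName: UnauthorizedApiCalls      # constructed metric name
          MetricValue: "1"                      # emit 1 per matching event
  UnauthorizedApiCallsAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmDescription: Denied API calls recorded by CloudTrail
      Namespace: Example/CloudTrail
      MetricName: UnauthorizedApiCalls
      Statistic: Sum
      Period: 300                       # evaluate over 5-minute windows
      EvaluationPeriods: 1
      Threshold: 1                      # assumption: alert on the first match
      ComparisonOperator: GreaterThanOrEqualToThreshold
      TreatMissingData: notBreaching    # no matching events means no data points
      AlarmActions:
        - !Ref AlertTopic               # Ref on an SNS topic returns its ARN
```

The email subscription must be confirmed from the recipient's mailbox before SNS delivers alarm notifications to it.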
CloudWatch retains metric data as follows:
- Data points with a period of less than 60 seconds are available for 3 hours. These data points are high-resolution custom metrics.
- Data points with a period of 60 seconds (1 minute) are available for 15 days.
- Data points with a period of 300 seconds (5 minutes) are available for 63 days.
- Data points with a period of 3600 seconds (1 hour) are available for 455 days (15 months).
Dashboards allow you to create, customize, interact with, and save graphs of AWS resources and custom metrics.
Alarms can be used to monitor any Amazon CloudWatch metric in your account.
Events are a stream of system events describing changes in your AWS resources.
Logs help you to aggregate, monitor and store logs.
Basic monitoring = 5 mins (free for EC2 Instances, EBS volumes, ELBs and RDS DBs).
Detailed monitoring = 1 min (chargeable).
Metrics are provided automatically for several AWS products and services.
There is no standard metric for memory usage on EC2 instances.
A custom metric is any metric you provide to Amazon CloudWatch (e.g. time to load a web page or application performance).
Options for storing logs:
- CloudWatch Logs.
- Centralized logging system (e.g. Splunk).
- Custom script that stores logs on S3.
Do not store logs on non-persistent disks. Best practice is to store logs in CloudWatch Logs or S3.
CloudWatch Logs subscription can be used across multiple AWS accounts (using cross-account access).
Amazon CloudWatch uses Amazon SNS to send email.