Cloud Watch

  1. CloudWatch  Metrics represents a time-ordered set of data points that are published to CloudWatch. Think of a metric as a variable to monitor, and the data points represent the values of that variable over time. For example, the CPU usage of a particular EC2 instance is one metric provided by Amazon EC2.
    1. Basic metrics are 5 min intervals and free. Custom metrics are 1 min intervals and cost you extra.
    2. Stored for 2 weeks
    3. Only host level metrics such as below are available free
      1. CPU
      2. Network
      3. Disk
      4. Status Checks
    4. VM level metrics such as memory metrics are not available by default. Its a custom metric done by scripts run in EC2
    5. namespace is a container for CloudWatch metrics. Metrics in different namespaces are isolated from each other, so that metrics from different applications are not mistakenly aggregated into the same statistics.
  2. You can create CloudWatch  Dashboards to customize your view of cloud watch metrics
  3. CloudWatch  Alarms  feature allows you to watch CloudWatch metrics and to receive notifications when the metrics fall outside of the levels (high or low thresholds) that you configure. You can attach multiple Alarms to each metric and each alarm can have multiple actions.
    1. A CloudWatch Alarm is always in one of three states: OK, ALARM, or INSUFFICIENT_DATA. When the metric is within the range that you have defined as acceptable, the Monitor is in the OK state. When it breaches a threshold it transitions to the ALARM state. If the data needed to make the decision is missing or incomplete, the monitor transitions to the INSUFFICIENT_DATA state.
    2. Choose resource (EC2 or ELB or DynamoDB etc)
    3. Threshold: Example: CPU utilization >= 70% for 2 out of 5 data points
    4. Actions: Alarms watch metrics and execute one or more actions by
      1. Publishing notifications to Amazon SNS topics. SNS can inturn deliver notifications using HTTP, HTTPS, SMS, Email, or an Amazon SQS queue.
      2. By initiating Auto Scaling actions
      3. Executing Resource specific actions (Reboot EC2 etc.).
    5. The actions happen only on state transitions, and will not be re-executed if the condition persists for hours or days.
    6. Multiple notifications/actions are allowed when an Alarm is triggered. You can send an email and do a scaling action and do a recovery action, all with single alarm.
    7. You can also add alarms to dashboards.
  4. CloudWatch Events Amazon CloudWatch Events (CWE) is a stream of system events describing changes in your AWS resources. The events stream augments the CloudWatch Metrics and Logs streams to provide a more complete picture of the health and state of your applications. You write declarative rules to associate events of interest with automated actions to be taken. Currently, Amazon EC2, Auto Scaling, and AWS CloudTrail are supported. Via AWS CloudTrail, mutating API calls (i.e., all calls except Describe*, List*, and Get*) across all services are visible in CloudWatch Events.
    1. An event indicates a change in your AWS environment.
    2. AWS resources can generate events when their state changes.
      1. For example, Amazon EC2 generates an event when the state of an EC2 instance changes from pending to running
      2. Update DNS with public ip after EC2 starts successfully
      3. Amazon EC2 Auto Scaling generates events when it launches or terminates instances.
    3. Your applications can emit custom events by using the PutEvents API, with a payload uniquely suited to your needs
    4. You can also set up scheduled events that are generated on a periodic basis. For example you can reboot your EC2 every 24 hours.
    5. Rules 
      1. A rule matches incoming events and routes them to targets for processing.
      2. A single rule can route to multiple targets, all of which are processed in parallel.
      3. Rules are not processed in a particular order. This enables different parts of an organization to look for and process the events that are of interest to them.
      4. A rule can customize the JSON sent to the target, by passing only certain parts or by overwriting it with a constant.
    6. Targets 
      1. A target processes events.
      2. Targets can include Amazon EC2 instances, AWS Lambda functions, Kinesis streams, Amazon ECS tasks, Step Functions state machines, Amazon SNS topics, Amazon SQS queues, and built-in targets.
      3. A target receives events in JSON format.
  5. CloudWatch Logs You can use CloudWatch Logs to monitor, store, and access your log files from EC2, CloudTrail, Route 53, and other sources.
    1. Monitor Logs from Amazon EC2 Instances in Real-time—You can use CloudWatch Logs to monitor applications and systems using log data.
      1. example, CloudWatch Logs can track the number of errors that occur in your application logs (replace ELMAH) and send you a notification whenever the rate of errors exceeds a threshold you specify.
    2. Monitor AWS CloudTrail Logged Events
    3. Archive Log Data—You can use CloudWatch Logs to store your log data in highly durable storage.
      1. You can change the log retention setting so that any log events older than this setting are automatically deleted.
    4. Log Route 53 DNS Queries—You can use CloudWatch Logs to log information about the DNS queries that Route 53 receives.
    5. You can use the CloudWatch Logs agent installer on an existing EC2 instance to install and configure the CloudWatch Logs agent.
    6. After installation is complete, logs automatically flow from the instance to the log stream you create while installing the agent. The agent confirms that it has started and it stays running until you disable it.
    7. In addition to using the agent, you can also publish log data using the AWS CLI, CloudWatch Logs SDK, or the CloudWatch Logs API.
    8. The AWS CLI is best suited for publishing data at the command line or through scripts.
    9. The CloudWatch Logs SDK is best suited for publishing log data directly from applications or building your own log publishing application.
  6. CloudWatch retains metric data as follows:
    1. Data points with a period of less than 60 seconds are available for 3 hours. These data points are high-resolution custom metrics.
    2. Data points with a period of 60 seconds (1 minute) are available for 15 days
    3. Data points with a period of 300 seconds (5 minute) are available for 63 days
    4. Data points with a period of 3600 seconds (1 hour) are available for 455 days (15 months)
  7. The unified CloudWatch agent is a piece of software running on EC2 instances and enables you to do the following:
    1. Collect more system-level metrics from Amazon EC2 instances, including in-guest metrics, in addition to the metrics listed in Amazon EC2 Metrics and Dimensions.
    2. Collect system-level metrics from on-premises servers. These can include servers in a hybrid environment as well as servers not managed by AWS.
    3. Collect logs from Amazon EC2 instances and on-premises servers, running either Linux or Windows Server.
<<< Simple Storage Service (S3)Cloudtrail Logs >>>
Copyright 2005-2016 KnowledgeHills. Privacy Policy. Contact .