What is AWS_CloudWatch? It is a repository of metrics

2021-03-04 2021-03-04

What is AWS CloudWatch?

This is one of the AWS monitoring solution services.

The function is to be a repository of metrics.

EC2, etc., are placed in a repository and statistics are obtained based on these metrics.

CloudWatch allows you to set billing alarms that are triggered when costs exceed a configured threshold.

You can also use CloudWatch alarms to send SNS notifications to your email address.

AWS Billing alarms can be set up to alert you via email or other means when billing reaches a set value.

Items that can be monitored

Amount of stored data

Charge

To obtain detailed log information other than the default metrics for EC2 instances, you need to use two CloudWatch services

One is the CloudWatch agent. By installing this agent on the target EC2 instance, CloudWatch can obtain detailed logs inside the server

The second service is CloudWatch Logs.

CloudWatch Logs can aggregate the acquired logs and perform log management for EC2 instances.

Therefore, only CloudWatch Log can be selected as an option

Enable flow logging to get network traffic logs in CloudWatch

Flow logs capture network traffic for EC2 instances

To get EC2 instance logs in CloudWatch, you need to run a CloudWatch agent on the EC2 instance and forward the logs to CloudWatch Logs

AWS provides a central logging solution to collect, analyze, and display logs across multiple accounts and multiple regions.

To build this mechanism, it is necessary to capture EC2 instance log files and VPC flow logs.

You can use the CloudWatch agent to collect metrics and logs from Amazon EC2 instances and on-premise servers.

This allows centralized control of logs to be achieved.

By enabling VPC flow logging, you can capture IP traffic information going to and from EC2 instances and network interfaces.

Centralized management of logs can be achieved by aggregating this data, e.g. CloudWacth