Amazon CloudWatch | Log Monitoring Flashcards
What statistics can I view and graph in CloudWatch?
Log Monitoring
Amazon CloudWatch | Management Tools
You can retrieve, graph, and set alarms on the following statistical values for Amazon CloudWatch metrics: Average, Sum, Minimum, Maximum, and Sample Count. Statistics can be computed for any time periods between 60-seconds and 1-day. For high-resolution custom metrics, statistics can be computed for time periods between 1-second and 3-hours.
What log monitoring does Amazon CloudWatch provide?
Log Monitoring
Amazon CloudWatch | Management Tools
CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application and custom log files.
With CloudWatch Logs, you can monitor your logs, in near real time, for specific phrases, values or patterns. For example, you could set an alarm on the number of errors that occur in your system logs or view graphs of latency of web requests from your application logs. You can then view the original log data to see the source of the problem. Log data can be stored and accessed for up to as long as you need in highly durable, low-cost storage so you don’t have to worry about filling up hard drives.
What are Amazon CloudWatch Vended Logs?
Log Monitoring
Amazon CloudWatch | Management Tools
Amazon CloudWatch Vended logs are logs that are natively published by AWS services on behalf of the customer. VPC Flow logs is the first Vended log type that will benefit from this tiered model. However, more AWS Service log types will be added to Vended Log type in the future.
Is CloudWatch Logs available in all regions?
Log Monitoring
Amazon CloudWatch | Management Tools
Please refer to Regional Products and Services for details of CloudWatch Logs service availability by region.
How much does CloudWatch Logs cost?
Log Monitoring
Amazon CloudWatch | Management Tools
Please see our pricing page for the latest information.
What kinds of things can I do with my logs and Amazon CloudWatch?
Log Monitoring
Amazon CloudWatch | Management Tools
CloudWatch Logs is capable of monitoring and storing your logs to help you better understand and operate your systems and applications. When you use CloudWatch Logs with your logs, your existing log data is used for monitoring, so no code change are required. Here are a two examples of what you can do with Amazon CloudWatch and your logs:
Real time Application and System Monitoring: You can use CloudWatch Logs to monitor applications and systems using log data in near real time. For example, CloudWatch Logs can track the number of errors that occur in your application logs and send you a notification whenever the rate of errors exceeds a threshold you specify. Amazon CloudWatch uses your log data for monitoring and consequently it doesn’t involve any code changes from you.
Long Term Log Retention: You can use CloudWatch Logs to store your log data for as long as you need in highly durable and cost effective storage without worrying about hard drives running out of space. The CloudWatch Logs Agent makes it easy to quickly move both rotated and non rotated log files off of a host and into the log service. You can then access the raw log event data when you need it.
What types of data can I send to Amazon CloudWatch Logs from my EC2 instances running Microsoft SQL Server and Microsoft Windows Server?
Log Monitoring
Amazon CloudWatch | Management Tools
You can configure the EC2Config service to send a variety of data and log files to CloudWatch including: custom text logs, Event (Application, Custom, Security, System) logs, Event Tracing (ETW) logs, and Performance Counter (PCW) data. Learn more about the EC2Config service here.
How frequently does the CloudWatch Logs Agent send data?
Log Monitoring
Amazon CloudWatch | Management Tools
The CloudWatch Logs Agent will send log data every five seconds by default and is configurable by the user.
What log formats does CloudWatch Logs support?
Log Monitoring
Amazon CloudWatch | Management Tools
CloudWatch Logs can ingest, aggregate and monitor any text based common log data or JSON-formatted logs.
What if I configure the CloudWatch Logs Agent to send non-text log data?
Log Monitoring
Amazon CloudWatch | Management Tools
The CloudWatch Logs Agent will record an error in the event it has been configured to report non text log data. This error is recorded in the /var/logs/awslogs.log.
How do I start monitoring my logs with CloudWatch Logs?
Log Monitoring
Amazon CloudWatch | Management Tools
You can monitor log events as they are sent to CloudWatch Logs by creating Metric Filters. Metric Filters turn log data into Amazon CloudWatch Metrics for graphing or alarming. Metric Filters can be created in the Console or the CLI. Metric Filters search for and match terms, phrases or values in your log events. When a Metric Filter finds one of the terms, phrases or values in your log events, it counts it in an Amazon CloudWatch Metric that you choose. For example, you can create a Metric Filter to search for and count the occurrence of the word “Error” in your log events. Metric Filters can also extract values from space delimited log events, such as the latency of web requests. You can also use conditional operators and wildcards to create exact matches. The Amazon CloudWatch Console can help you test your patterns before creating Metric Filters.
What is the syntax of Metric Filter patterns?
Log Monitoring
Amazon CloudWatch | Management Tools
A Metric Filter pattern can contain search terms or a specification of your common log or JSON event format.
For example, if you want to search for the term Error, the pattern for the metric filter would just be the term Error. Multiple search terms can be included to search for multiple terms. For example, if you wanted to count events which contained the terms Error and Exception you would use the pattern Error Exception. If you wanted to match the term Error Exception exactly, you would put double quotes around the search term, “Error Exception”. You can specify as many search terms as you like.
CloudWatch Logs can also be used to extract values from a log event in common log or JSON format. For example, you could track the bytes transferred from your Apache access logs. You can also use conditional operators and wildcards to match and extract the data you are interested in. To use the extraction feature of Metric Filters, log events must be space delimited and use a starting and ending double quote “””, or, a starting square brace “[” and a closing square brace “]”square, to enclose fields. Alternatively, they can be JSON-formatted log events. For the full details of the syntax and examples, please see the Developer Guide for Metric Filters.
How do I know that a Metric Filter pattern I specified will match my log events?
Log Monitoring
Amazon CloudWatch | Management Tools
CloudWatch Logs lets you test the Metric Filter patterns you want before you create a Metric Filter. You can test your patterns against your own log data that is already in CloudWatch Logs or you can supply your own log events to test. Testing your pattern will show you which log events matched the Metric Filter pattern and, if extracting values, what the extracted value is in the test data. Metric Filter testing is available for use in the console and the CLI.