AWS CloudTrail vs Amazon CloudWatch Flashcards
CloudWatch is a monitoring service for AWS resources and applications. CloudTrail is a web service that records API activity in your AWS account. They are both useful monitoring tools in AWS.
By default, CloudWatch offers free basic monitoring for your resources, such as EC2 instances, EBS volumes, and RDS DB instances. CloudTrail is also enabled by default when you create your AWS account.
With CloudWatch, you can collect and track metrics, collect and monitor log files, and set alarms.
CloudTrail logs information on who made a request, the services used, the actions performed, parameters for the actions, and the response elements returned by the AWS service. CloudTrail logs are then stored in an S3 bucket or a CloudWatch Logs log group that you specify.
You can enable detailed monitoring for your AWS resources to send metric data to CloudWatch more frequently, at an additional cost.
CloudTrail delivers one free copy of management event logs for each AWS region. Management events include management operations performed on resources in your AWS account, such as when a user logs into your account. Logging of data events is charged. Data events include resource operations performed on or within the resource itself, such as S3 object-level API activity or Lambda function execution activity.
CloudTrail helps you ensure compliance and regulatory standards.
CloudWatch Logs report on application logs, while CloudTrail Logs provide you with specific information on what occurred in your AWS account.
CloudWatch Events is a near real-time stream of system events describing changes to your AWS resources.
CloudTrail focuses more on AWS API calls made in your AWS account.
Typically, CloudTrail delivers an event within 15 minutes of the API call.
CloudWatch delivers metric data in 5-minute periods for basic monitoring and 1-minute periods for detailed monitoring.
The CloudWatch Logs Agent will send log data every five seconds by default.