AWS Monitoring and Logging Services Flashcards

1
Q

What is Amazon CloudWatch?

A

Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications you run on AWS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is CloudWatch used for?

A

CloudWatch is for performance monitoring (CloudTrail is for auditing).

Used to collect and track metrics, collect, and monitor log files, and set alarms.

Automatically react to changes in your AWS resources.

Gain system-wide visibility into resource utilization.

Monitor application health.

Monitor operational health.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What resources can Cloudwatch monitor?

A

Monitor resources such as:

EC2 instances.
DynamoDB tables.
RDS DB instances.
Custom metrics generated by applications and services.
Any log files generated by your applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How is Cloudwatch accessed?

A

CloudWatch is accessed via API, command-line interface, AWS SDKs, and the AWS Management Console.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What features does Cloudwatch have?

A

Dashboards allow you to create, customize, interact with, and save graphs of AWS resources and custom metrics.

Alarms can be used to monitor any Amazon CloudWatch metric in your account.

Events are a stream of system events describing changes in your AWS resources.

Logs help you to aggregate, monitor and store logs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What features does Cloudwatch Logs have?

A

Amazon CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application, and custom log files.

CloudWatch Logs can be used for real time application and system monitoring as well as long term log retention.

CloudWatch Logs keeps logs indefinitely by default.

CloudWatch Logs metric filters can evaluate CloudTrail logs for specific terms, phrases, or values.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the Charge for Cloudwatch?

A

Basic monitoring = 5 mins (free for EC2 Instances, EBS volumes, ELBs and RDS DBs).

Detailed monitoring = 1 min (chargeable).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How long does Cloudwatch retain metrics for?

A

Data points with a period of less than 60 seconds are available for 3 hours. These data points are high-resolution custom metrics.
Data points with a period of 60 seconds (1 minute) are available for 15 days.
Data points with a period of 300 seconds (5 minute) are available for 63 days.
Data points with a period of 3600 seconds (1 hour) are available for 455 days (15 months).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What metrics does CloudWatch have?

A

Metrics are provided automatically for several AWS products and services.

There is no standard metric for memory usage on EC2 instances.

A custom metric is any metric you provide to Amazon CloudWatch (e.g. time to load a web page or application performance).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is best practice for storing logs from Cloudwatch?

A

Options for storing logs:

  • CloudWatch Logs.
  • Centralized logging system (e.g. Splunk).
  • Custom script and store on S3.
  • Do not store logs on non-persistent disks:

Best practice is to store logs in CloudWatch Logs or S3.

CloudWatch Logs subscription can be used across multiple AWS accounts (using cross account access).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What integration does Cloudwatch have?

A

CloudWatch integrates with IAM.

Amazon CloudWatch uses Amazon SNS to send email.

CloudTrail logs can be sent to CloudWatch Logs for real-time monitoring.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is AWS CloudTrail?

A

AWS CloudTrail is a web service that records activity made on your account and delivers log files to an Amazon S3 bucket.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is CloudTrail used for?

A

CloudTrail is for auditing (CloudWatch is for performance monitoring).

CloudTrail is about logging and saves a history of API calls for your AWS account.

Provides visibility into user activity by recording actions taken on your account.

API history enables security analysis, resource change tracking, and compliance auditing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How are Logs API calls made in CloudTrail?

A

Logs API calls made via:

AWS Management Console.
AWS SDKs.
Command line tools.
Higher-level AWS services (such as CloudFormation).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What records does CloudTrail log?

A

CloudTrail records account activity and service events from most AWS services and logs the following records:

The identity of the API caller.
The time of the API call.
The source IP address of the API caller.
The request parameters.
The response elements returned by the AWS service.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Is CloudTrail enabled by default?

A

CloudTrail is enabled by default.

17
Q

Is CloudTrail per AWS account?

A

CloudTrail is per AWS account.

18
Q

How do you consolidate logs from multiple accounts in CloudTrail?

A

You can consolidate logs from multiple accounts using an S3 bucket:

  1. Turn on CloudTrail in the paying account.
  2. Create a bucket policy that allows cross-account access.
  3. Turn on CloudTrail in the other accounts and use the bucket in the paying account.
19
Q

What does CloudTrail log file integrity validation allow you to do?

A

CloudTrail log file integrity validation feature allows you to determine whether a CloudTrail log file was unchanged, deleted, or modified since CloudTrail delivered it to the specified Amazon S3 bucket.

20
Q

What integrations does CloudTrail have?

A

You can integrate CloudTrail with CloudWatch Logs to deliver data events captured by CloudTrail to a CloudWatch Logs log stream.