Cloudwatch Flashcards
Unified Cloudwatch Agent
for granular, custom logs, or OS level logs and other non AWS Service integration, eg, on-premise
CLoudtrail Retention
90 days stored by default in events History
Cloudtrail Management Operations vs Data Events
API calls on Resources on AWS Account. Interractions with AWS Resources. AKA Control plane operations. eg Create EC2, Create a bucket
Data Events - About resource operations on or in a worker Nodes or in a resource, on events (Streams, lambda calls, etc)
Cloudwatch global Trail
listens to every event on that account, while a regional trail will only capture events within that region.
Log events for Global services into us-east-1(Global HQ). Eg, IAM, Route53, CLoudfront, STS
Meanwhile, regional trail only logs events for regions where the event is generated
Global Trail is enabled by default when a new account is created
Default Setting for CLoudtrail events
By default, events are stored within Cloudtrail.
Unless a Trail is activated, whereby, storage can then be assigned by user/engineer.
ONLY Management events is enabled by default.
Data events have to be enabled
Cloudtrail can store logs in… ?
both cloud watch logs and S3 indefinitel, only S3 charges apply.
Advantage of storing logs in Cloudwatch logs is the ability to apply filters and perform other operations that are otherwise more complex to run with s3
Note:
By default, events are stored within Cloudtrail(as cloud trail History) for 90 days
Unless a Trail is activated, whereby, storage can then be assigned by user/engineer.
CLoudtrail Pricing (Management events vs Data Events)
Management Events - Free
Data Events are billed
CloudTrail Latency
Not real-time
15 minutes
STOP LOGGING
a function on CloudTrail used for stopping/pausing trails. This can be beneficial for minimizing costs associated with generating larger files into s3 that may incur charges
Cloudwatch Metric dimensions
- Cloudwatch Metric dimensions are key:value pairs attached to a metric to specify it’s source. This could be instance ID, AMI iD etc
CLoudwatch detailed monitoring
- CLoudwatch detailed monitoring enables 1 minute granularity metrics report
What is a cloudwatch Metric
- A metric is a collection of related datapoint in a time ordered structure
Cloudwatch use case
- Cloudwatch is a public service, it can be used on AWS, On-prem and even other Cloud Platforms
Cloudwatch default monitors for ec2
C.N.D
- CPU
- Network
- DISK
Cloudwatch Namespace
A Container for storing data/metrics. Like a folder that separates/isolates different metrices.
All AWS Data goes into the NameSpace: AWS/Service. Eg, AWS/Ec2. This namespace is reserved
Cloudwatch detailed
Cloudwatch detailed monitoring enables 1 minute granularity metrics report
Advantage of storing logs in Cloudwatch
Advantage of storing logs in Cloudwatch logs is the ability to apply filters and perform other operations that are otherwise more complex to run with s3
can cloudtrail be applied to monitor AWS Organization ?
Cloudtrail can be applied to monitor an entire AWS Organization for account-wide scope monitoring
CLoudtrail latency
CloudTrail is Not real-time
Takes 15 minutes to populate
Data events default setting
Data events Trail has to be intentionally enabled, as it is not enabled by default. This is because data events can be very vast/volumnous
Cloutrail logs format
Compressed JSON
CloudTrail is enabled by default in an AWS account.
True, but only for 90days. And just management trails
Cloudtrail is not real time
Cloudtrail is not realtime, It logs once in every 15mins
Cloudwatch Insights
CloudWatch Logs Insights enables you to interactively search and analyze your log data in Amazon CloudWatch Logs. You can perform queries to help you more efficiently and effectively respond to operational issues.