CloudWatch Flashcards
This deck aims to help retain concepts related to the CloudWatch service.
What AWS service provides the ability to monitor applications, infrastructure, networks, and services, enabling alarms, log analysis, and automated actions?
AWS CloudWatch
Is AWS CloudWatch a public service?
Yes, it is a public service accessible through AWS public endpoints and can be used from both AWS and on-premises environments
How do public AWS services access AWS CloudWatch?
Through an Internet Gateway
How do private AWS services access AWS CloudWatch?
Through a VPC Interface Endpoint
What type of native integration do AWS services have with AWS CloudWatch?
Managment Plane, that includes general metrics for the service
For EC2 this can be CPUUtilization, NetworkIn, NetworkOut metrics
What software is required to create custom metrics in AWS CloudWatch?
CloudWatch Agent (CWAgent)
What AWS CloudWatch software enables access to internal EC2 instance metrics like memory utilization, running processes, and disk space usage?
CloudWatch Agent (CWAgent)
How can on-premises applications integrate with AWS CloudWatch?
- AWS CloudWatch API
- AWS CloudWatch Agent (CWAgent)
What options are available for viewing data stored in AWS CloudWatch?
- Console UI
- CLI
- API
Which AWS CloudWatch feature monitors metrics and triggers actions when thresholds are exceeded?
CloudWatch Alarms, which track metrics over time and respond based on threshold values
What states can an AWS CloudWatch Alarm transition between?
- OK: Metric remains below the threshold
- ALARM: Metric exceeds the threshold
- INSUFFICIENT_DATA: Not enough data to determine the state
What happens when an AWS CloudWatch Alarm breaches its threshold?
Entering the ALARM state triggers one or more predefined actions:
- Sending notifications via SNS
- Executing remediation tasks
- Modifying Auto Scaling policies
- Initiating EventBridge events
What metric type can a high-resolution AWS CloudWatch Alarm monitor?
High-resolution metrics with a period of 10 or 30 seconds
What is the smallest unit of information in CloudWatch, consisting of a value, timestamp, and optionally a unit of measure?
Datapoint
What CloudWatch component acts as a container for grouping metrics from different services?
Namespace (e.g. AWS/EC2, AWS/Lambda)
What CloudWatch component represents a named, time-ordered series of datapoints?
Metric, identified by a MetricName (e.g., CPUUtilization) and a Namespace (e.g., AWS/EC2)
What CloudWatch component represents a name/value pair attached to datapoints, used to differentiate or aggregate metric data?
Dimension
What information does a datapoint include when sent to AWS CloudWatch?
- Value
- Timestamp
- Unit of measure
- MetricName
- Namespace
- One or more Dimensions
How can metrics for different services and resources be distinguished in AWS CloudWatch?
By combining the following pieces of information:
- Namespace: AWS/EC2
- Metric Name: CPUUtilization
- Dimensions: Name=InstanceId, Value=i-1234567890abcdef0
What are the types of metric resolutions supported in AWS CloudWatch?
- Standard Resolution: 60-second granularity
- High Resolution: 1-second granularity (higher cost)
What AWS CloudWatch metric resolution type is used by AWS services by default?
Standard resolution (60 seconds)
Which CloudWatch metric resolution provides faster, more immediate insights?
High resolution (1 second)
Does AWS CloudWatch retain the original resolution of metrics as data ages?
No, data is aggregated and stored with lower resolution over time:
- Sub-60-second data: retained for 3 hours
- 60-second (1-minute) data: retained for 15 days
- 300-second (5-minute) data: retained for 63 days
- 3600-second (1-hour) data: retained for 455 days
What CloudWatch component allows aggregating metric data over a specified time period?
Statistics
What types of statistics does AWS CloudWatch support for a metric?
- SampleCount
- Sum
- Average
- Minimum
- Maximum
- Percentile (p)
- Trimmed Mean (TM)
- Interquartile Mean (IQM)
- Winsorized Mean (WM)
- Percentile Rank (PR)
- Trimmed Count (TC)
- Trimmed Sum (TS)
Which AWS CloudWatch statistic helps analyze the distribution of metric data by showing the relative standing of a value and eliminating outliers?
Percentile (p)
Is AWS CloudWatch Logs a global service?
No, it is a regional service
Which AWS service centralizes logs from systems, applications, and AWS services into a scalable solution?
AWS CloudWatch Logs
If AWS CloudWatch Logs is regional, where are logs from global AWS services like Route 53 stored?
In the us-east-1 region
Does AWS CloudWatch Logs support logging only for AWS services?
No, it supports logs from:
- AWS services
- On-premises systems
- IoT devices and other applications
Which AWS services integrate with AWS CloudWatch Logs?
- VPC Flow Logs
- CloudTrail
- Route 53
- API Gateway
- Lambda
- Elastic Beanstalk
- ECS and more
What software is required to send system or custom application logs to AWS CloudWatch Logs?
CloudWatch Agent (CWAgent)
What are the two main functional sides of AWS CloudWatch Logs?
- Ingestion Side: Handles the process of collecting and storing logs in the system
- Subscription Side: Enables other services to use logs for additional actions, such as analysis or triggering workflows
How does log data get into AWS CloudWatch Logs?
Logging sources send log events to CloudWatch Logs via:
- CloudWatch Agent (CWAgent)
- CloudWatch API
What AWS CloudWatch Logs component represents a single unit of log data ingestion, and consists of Timestamp and a Raw Message?
Log Event
What AWS CloudWatch Logs component represents a series of Log Events generated by the same source (resoruce)?
Log Stream
What AWS CloudWatch Logs component groups multiple Log Streams together and defines shared settings like retention policies, monitoring, and access controls?
Log Group
Which AWS CloudWatch Logs component is used to configure retention, permissions, and encryption?
Log Group
What feature in AWS CloudWatch Logs enables pattern detection within a Log Stream inside a Log Group?
Metric Filter
How data captured by AWS CloudWatch Logs Metric Filters can be used?
Can be used to create a Metrics that can trigger an Alarms, which can initiate actions, such as notifications or automated responses
What are common use cases for AWS CloudWatch Logs Metric Filters?
Monitoring application failures:
- Application crashes (e.g., HTTP 500 errors)
- Failed login attempts, and more
What are the two options for exporting data from AWS CloudWatch Logs?
- S3 Export
- CloudWatch Logs Subscription Filter
Which CloudWatch Logs export option is a non-realtime, manual process that can take up to 12 hours to complete?
S3 Export, using the CreateExportTask operation
Which CloudWatch Logs export option provides access to real-time feed of log events, delivering them to various AWS services?
CloudWatch Logs Subscription Filter
What AWS CloudWatch Logs feature specifies the filter pattern for selecting log events and determines where to send matching events?
CloudWatch Logs Subscription Filter
When AWS CloudWatch Logs Subscription Filter delivers log events to receiving services, are the events in raw format?
No, the event data is base64-encoded and compressed using gzip
Which AWS services can be used with CloudWatch Logs Subscription Filter for real-time log event processing?
- Lambda for custom processing
- Lambda + Kinesis Data Streams
- Lambda + Kinesis Data Firehose (NOT real-time)
What option in AWS CloudWatch Logs Subscription Filter determines which log events are processed by the filter?
Pattern
What option in AWS CloudWatch Logs Subscription Filter specifies the target for log event delivery?
Destination ARN
Which AWS CloudWatch Subscription Filter option determines how log events are grouped before being sent to the destination service?
Distribution
Which AWS CloudWatch Subscription Filter option specifies the access permissions required to deliver log events to the destination service?
Permissions
What AWS CloudWatch Logs feature enables centralizing logs from multiple AWS accounts into a single account for analysis?
CloudWatch Logs Subscription Filter
What AWS service enables distributed tracing to track requests across multiple services and provides insights for optimization?
AWS X-Ray
What AWS X-Ray component uniquely identifies and tracks a request across distributed services?
Trace Header
What AWS X-Ray component represents a data block sent to X-Ray by supported services?
Segment
What information is included in an AWS X-Ray Segment?
- Host Name / IP / Alias
- Request Details
- Response Details
- Work Duration (time)
- Errors or Issues
- Subsegments (nested requests within the segment)
What AWS X-Ray JSON document provides a detailed view of the services and resources within an application?
Service Graph
What AWS X-Ray visual tool illustrates the flow through a distributed application, including response times, request counts, errors, and issues?
Service Map
What AWS services have native integration with AWS X-Ray, and how is integration configured?
Services require specific permissions to interact with X-Ray:
- EC2: X-Ray Agent installed on the instance
- ECS: Agent installed in the task
- Lambda: X-Ray integration enabled in the function settings
- Elastic Beanstalk: Pre-installed X-Ray Agent
- API Gateway: X-Ray tracing enabled per stage
- SNS/SQS: Configured to send data into X-Ray
What command is used to associate a Customer Master Key (CMK) with an existing AWS CloudWatch log group?
associate-kms-key
