Monitoring Flashcards
1
Q
CloudWatch EC2
A
- Standard at 5 min intervals
- Can enabled detailed at 1 min intervals
2
Q
CW EC2 Metrics
A
- If have instance store metrics can include disk
- To send RAM metrics use CW unified agent
3
Q
CW Custom Metrics Resolution
A
Standard 1min, but can make 1sec
4
Q
CW Alarms Can Trigger
A
- EC2 Action
- Auto-scaling Action
- SNS
- Can be intercepted by CW Events
5
Q
CW Dashboards
A
- Metrics & Alarms
- Metrics of multiple regions
6
Q
CW Events
A
Can intercept any API call with CloudTrail integration
7
Q
CW Logs - Sources
A
- SDK
- CW logs agent
- CW unified agent
- Elastic Beanstalk, collects logs from apps
- ECS: collection from containers
- Route53: DNS queries
8
Q
CW Logs
A
- Log Groups - Application
- Log Stream - instances within application / log files/ containers
- Can define log expiration policies
- Optional KMS
- Multi account and multi region aggregation -> Kinesis Data Streams
9
Q
CW Insights
A
- Can be used to query logs and add queries to Dashboard
- Has a list of pre-defined useful queries
10
Q
CW S3 Export
A
- S3 buckets must be encrypted w SSE-S3, NOT SSE-KMS
- Log data can take up to 12 hours to become available for export
- Must call CreateExportTask, so NOT automated
11
Q
CW Logs Subscription Filter Targets
A
- Lambda -> ES (Real time)
- Lambda -> Custom
- Lambda -> Kinesis Firehose -> Amazon S3/ES (Near real time)
- Kinesis Data Streams
12
Q
Batch Sends
A
- batch_count: default 10000, min 1
- batch_duration: default & min is 5000ms
- batch_size: default & max 1MB
13
Q
CW Unified Agent
A
- Additional system-level metrics, RAM, processes etc
- Centralised config using SSM Parameter Store
- Both agents cannot send to Kinesis, only CW logs
14
Q
X-ray
A
X-ray agent or services need IAM permissions to X-ray
