Monitoring, Logging, and Remediation

Question 1

Log events

Answer 1

Event messaging and time stamp

Question 2

Log Stream

Answer 2

Sequence of log events from the same resource. Each log stream must belong to a log group.

Question 3

Log Group

Answer 3

A group of log streams that share the same retention, monitoring and access control settings

Question 4

Default EC2 host-level metrics:

Answer 4

CPU,Network,disk, and status check.

Question 5

How can we monitoring the memory usage of an instance?

Answer 5

Installing cloudwatch agent, hence we can monitor memory usage, processes, and CPU idle time.

Question 6

Cloudwatch Logs

Answer 6

with cloudwatch logs we can see: Application logs: Apache logs.
System logs: EC2.
AWS Services: CloudTrail, Route 53.

Question 7

what can we do using cloudwatch logs?

Answer 7

We can view, search and filter, based on error codes and messages, example: 404 status in apache logs.

Also, we can receive notifications whenever the rate of errors exceeds a threshold that it’s specified.

Question 8

How is CloudWatch Alarms useful?

Answer 8

It’s really useful for monitoring any metric in aws account if a certain threshold is reached through alarms.

Question 9

Can AWS cloudwatch alarms be integrated with another AWS service?

Answer 9

It can be integrated with SNS (Simple Notification Service) to send a notification email alert to AWS support team.

Question 10

CloudWatch Alarms Use case

Answer 10

An alarm that is triggered if CPU utilization exceeds 90% on your EC2 instance for more than 5 minutes.

Question 11

Monitor Service Quotas

Answer 11

CloudWatch can be used to monitor service quotas or limits when you are about to reach a limit.

. It can be alert in the cloudwatch dashboard.

. An SNS notification can be used to email your IT support team.

. Use case, when you reach 90% of the quota value for on-demand EC2 instances.

Question 12

Health Events

Answer 12

Provides information about changes in the health of AWS resources.

. Can send health events to EventBridge (was cloudwatch events).

. triggering a cloudwatch alarm and then trigger an action sending an SNS notification, send a message to SQS or trigger a lambda function

Question 13

AWS Config

Answer 13

. Configuration Monitoring: Continuously monitors the configuration of your AWS resources for compliance, with a desired state that you define.

. Dashboard: Provides an inventory, and shows compliance and non-compliance.

. Rules: Define the desired state of your resource configuration

. Conformance packs: a set of rules managed as one, Operational Best practices for S3, EC2, IAM.

. Automatic Remediation: remediates non-compliant resources by triggering an action that you define.