Section 14: Monitoring, Logging and Auditing Flashcards
What is AWS CloudWatch?
Amazon CloudWatch is a service that monitors applications, responds to performance changes, optimizes resource use, and provides insights into operational health. This is done in real-time.
https://digitalcloud.training/amazon-cloudwatch/
What is CloudWatch used for?
- used for performance monitoring, alarms, log collection and automated actions
- used to collect performance metrics from AWS on on-premise systems
- used to automate responses to operational changes
CloudWatch core features
- Metrics - services send time-ordered data point to CloudWatch
- Alarms - monitor metrics and initiate actions
- Logs - centralised collection of system and application logs
- Events - stream of system events describing changes to AWS resources and can trigger actions
Unified CloudWatch Agent
CloudWatch can read CPU utilization, Network info, status checks etc. However does not track Memory and Disk Usage.
To track Memory and Disk usage, you need to enable Unified CloudWatch Agent.
What is Unified CloudWatch Agent?
Enables you to:
* collect internal system-level metrics from EC2 instances across operating systems
* collect system-level metrics from on-premise servers
* retrieve custom metrics from your applications or services using the StatdsD and collectd protocols
* Collect logs from EC2 instaces and on-premise servers (Windows / Linux)
* Agent must be installed on the server
More details - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/metrics-collected-by-CloudWatch-agent.html
AWS CloudTrail
CloudTrail enables auditing, security monitoring, and operational troubleshooting by tracking user activity and API usage.
CloudTrail logs, continuously monitors, and retains account activity related to actions across your AWS infrastructure, giving you control over storage, analysis, and remediation actions.
CloudTrail
- CloudTrail logs API activity for auditing
- by default, events are logged and retained for 90 days
- CloudTrail S3 logs any events to S3 for indefinite retention
- CloudWatch events can be triggered based on API calls to CloudTrail
- Events can be streamed to CloudWatch Logs
CloudTrail - event types
- Management events - provide info about management operations that are performed on resources in your AWS account
- Data events - provide info about resource operations performend on or in a resource
- Insights events - identify and respond to unsual activity associated with write API calls by continously analysing CloudTrail management events
SQS vs SNS vs EventBridge
Main purpose
* AWS SQS facilitates decoupling and asynchronous communication.
* AWS SNS notifies or broadcasts messages to multiple subscribers.
* AWS EventBridge receive and process events from multiple sources
Key concepts:
* AWS SQS uses queues, messages, and long or short polling.
* AWS SNS uses topics, messages, and publish/subscribe.
* AWS EventBridge uses event buses, events, targets, and rules.
Use case:
* AWS SQS is suitable for single consumers and asynchronous processing.
* AWS SNS is used for multiple consumers and fan-out notifications.
* AWS EventBridge is used for multiple consumers and event-based processing.
More info - https://www.linkedin.com/pulse/exploring-aws-messaging-eventing-services-sqs-sns-mahmudul-hasan
AWS X-Ray
AWS X-Ray helps developers analyze and debug production, distributed applications, such as those built using a microservices architecture.
With X-Ray, you can understand how your application and its underlying services are performing to identify and troubleshoot the root cause of performance issues and errors.
X-Ray can bse used with applications running on EC2, ECS, Lambda and Elastic Beanstalk.
Amazon Managed Service for Promethues
- Prometheus is an open-source monitoring system and time series database
- Use its own query lanague to monitor and alert perofrmance of containerised workload
- automatically scales with ingestion, storage, alerting, etc
- Integrated with EKS, ECS and AWS Distro for OpenTelemetry
Amazon Managed Grafana
- Grafana is an open-source analytics and monitoring solution for databases
- provides interactive data visualisation for your monitoring and operational data
- integrations with AWS SSO and SAML
EC2 metrics/monitoring
EC2 metrics sent every 5mins by default (free)
Detailed EC2 monitoring sends every 1 minutue (chargeable)
AWS CloudWatch Metrics
Standards resolution - one minute data granularity (default)
High resolution - one second data granularity
Which service is involved with monitoring the performance of AWS services using metrics?
AWS CloudWatch
CloudWatch is the service that provides performance monitoring.
