AWS CloudWatch Exam Preparation
- CloudWatch is a monitoring and management service.
- CloudWatch Collects all logs & Metrics from all your AWS resources as well on-prem(if configured).
- Can create a visualization tool /dashboard based on the logs.
- Allows to configure Alarms to take action.
- Metrics which are available by default,
- CPU related – usage
- Disk related – read/write ops
- network related – in/out, packets
- Status related – Testing instance level / host level.
- CloudWatch metric data is kept for 2 weeks.
- Amazon CloudWatch Logs Agent installer on existing Amazon EC2 instances to install and configure the CloudWatch Logs Agent.
- AWS CloudTrail, which is a service that records AWS calls for your AWS account and delivers log files to an Amazon S3 bucket.
- Cloud Trail are by default encrypted @S3.
- CloudTrail can be enabled for all regions from one place.
- If the question is on monitoring mostly we should use Cloudwatch, if it is on auditing/api call logs then it has to be CloudTrail.
- Turning on Cloudwatch custom metrics will provide additional monitoring on Memory.
- If there are any keywords like compliance, audit, security threats,api calls,regulations -> prefer CloudTrail over Cloudwatch.