[AWS] CloudWatch

CloudWatch is a collection of services that monitor/observe cloud resources via metrics and provide actionable insights.

  • CloudWatch monitors the performance of AWS services – a repository service for metric data.
  • CloudWatch logs the events and visualizes them.

Amazon CloudWatch

  • A CloudWatch metric is a set of data points over time. (ex. CPU Utilization of EC2 instances)
  • Metrics can be configured with alarms that can take actions.
  • Autoscaling is dependent on CloudWatch to trigger the addition or removal of instances.

Data retention

  • one-hour metrics (for 455 days)
  • five-minute metrics (for 63 days)
  • one-minute metrics (for 15 days)

Monitoring Plans

  • Basic: Data is available in 5-minute periods at no charge.
  • Detailed: Data is available in 1-minute periods with an additional charge.

CloudWatch Services

CloudWatch is a collection of services: Alarms, Logs, Metrics, and Events.


  • Insufficient: not enough data
  • Alarm: the threshold is breached.
  • OK: The metric is within the defined threshold.
  • The components of alarms are:
    • Metric: The data points being measured
    • Threshold: the criteria to check it is normal or abnormal
    • Period: How long the state over the threshold is bad before an alarm is generated
    • Action: What needs to be done when an alarm is triggered
      • SNS Notification
      • EC2 Actions: Stop, terminate, or reboot an EC2 instance
      • Auto Scaling Actions: Execute an Auto Scaling policy


  • A time-ordered set of data points
  • Exist only in a region where they are created
  • Cannot be deleted. But old data are aggregated, and data older than 15 months are dropped.

CloudWatch Components


  • a container for ClouldWatch metrics
  • The naming convention: aws/service


  • A name/value pair that uniquely identifies a metric.


  • Aggregated metric data over specified periods of time
  • Minimum, Maximum, Average, Sum, SampleCount …

CloudWatch and EC2 Instances

CloudWatch does not collect some metrics for EC2 instances. You need to install a CloudWatch agent in the instances.

  • Default Metrics:
    • CPU Utilization, Disk Reads/Writes, and Network Utilization (Network In/Out)
  • Custom Metrics with CloudWatch agents:
    • EC2 does not send OS-level metrics to CloudWatch
    • Memory utilization, processes, and disk space/swap usages

CloudWatch Logs

CloudWatch Logs is a service for centralizing logs. It stores, monitors, and accesses logs from AWS services and applications.

  • “CloudWatch Logs” accepts connections from AWS services (such as EC2, Lambda, or CloudTrail), from API streams (from a custom application), or CloudWatch agents.
    • You can review logs as a flow of time-ordered events.
  • A metric filter uses pattern matches to analyze logs and create metrics.
  • A log event is a timestamp and a raw message.
  • A log stream is a sequence of log events with the same source.
  • A log group is a container for log streams. It controls retention, monitoring, and access. You can set filters in a group.

CloudWatch Logs Insights

CloudWatch Insights

CloudWatch Insights is an enhanced-service for monitoring some AWS services and your applications It collects, aggregates, and summarizes logs and metrics.

  • Container Insights
    • for containerized applications and services
  • Lambda Insights
    • for detailed performance metrics and logs of your lambda functions
  • Application Insights
    • for resources and work-load specific metrics of your application

CouldWatch Events

CloudWatch Events has been replaced with EventBridge.

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s