DevOps and Security Glossary Terms

Glossary Terms
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

AWS CloudWatch - definition & overview

In this article
What is AWS CloudWatch?
Tips for using AWS CloudWatch
Amazon CloudWatch pricing
Monitoring resources with AWS CloudWatch
Can AWS CloudWatch monitor custom metrics?
Does AWS CloudWatch charge for all monitoring
Other Amazon CloudWatch features and capabilities
How do I check my AWS CloudWatch logs?
Using Sumo Logic to collect data from AWS CloudWatch
FAQs
What is AWS CloudWatch?
Tips for using AWS CloudWatch
Amazon CloudWatch pricing
Monitoring resources with AWS CloudWatch
Can AWS CloudWatch monitor custom metrics?
Does AWS CloudWatch charge for all monitoring
Other Amazon CloudWatch features and capabilities
How do I check my AWS CloudWatch logs?
Using Sumo Logic to collect data from AWS CloudWatch
FAQs

What is AWS CloudWatch?

AWS CloudWatch is a monitoring tool for tracking AWS application health and resource use. It's commonly used to help:

  • Monitor and fix operational issues
  • Measure and optimize performance through logging
  • Monitor AWS applications on-premises or in the cloud
  • Troubleshoot AWS infrastructure, and more

Key takeaways

  • CloudWatch has no upfront fees or commitments, and even includes a free tier.
  • AWS CloudWatch has basic and detailed monitoring for EC2.
  • CloudWatch is capable of monitoring custom metrics from data produced by your applications, scripts, and services.

Tips for using AWS CloudWatch

The data and reports that AWS CloudWatch provides let users keep track of application performance, resource use, operational issues, and constraints. This helps organizations resolve technical issues and streamline operations. CloudWatch is most commonly used with Elastic Compute Cloud (EC2) instances and can also monitor Amazon Elastic Block Store (EBS) volumes, Elastic Load Balancers (ELBs), and instances of Amazon Relational Database Service (RDS). It also can extend beyond these core services to intake custom data from external sources. Users choose CloudWatch for its automatic integration with AWS services and its flexibility and scalability.

Amazon CloudWatch pricing

AWS CouldWatch comes in pricing tiers, a free and paid tier. The paid tier of CloudWatch has no upfront fees or commitments and is billed based on usage at the end of the month. Keep in mind, CloudWatch prices do vary by region and are subject to change. Below are the current prices listed by Amazon:

Metrics

  • First 10,000 metric - $0.30 (metric/month)
  • Next 240,000 metrics - $0.10
  • Next 750,000 metrics - $0.05
  • Over 1,000,000 metrics - $0.02

APIs

  • GetMetricData, GetInsightRuleReport - $0.01 per 1,000 metrics requested
  • GetMetricWidgetImage - $0.02 per 1,000 metrics requested
  • GetMetricStatistics, ListMetrics, PutMetricData, GetDashboard, ListDashboards, PutDashboard and DeleteDashboards requests - $0.01 per 1,000 requests

Dashboard

  • $3.00 per dashboard

Alarms

  • Standard resolution - $0.10 per alarm metric
  • High resolution - $0.30 per alarm metric
  • Standard resolution anomaly detection - $0.30 per alarm
  • High-resolution anomaly detection - $0.90 per alarm
  • Composite - $0.50 per alarm

Logs

  • Collect (data ingestion) - $0.67 per GB
  • Store (archival) - $0.033 per GB
  • Analyze (logs insights queries) - $0.0067 per GB of data scanned

Events

  • Custom Events - $1.00 per million events
  • Cross-Account Events - $1.00 per million events

Contributor Insights

  • Contributor Insights Rule - $0.50 per rule per month
  • Matched Log Events - $0.027 per one million log events that match the rule per month

Canaries

  • $0.0017 per canary run

Monitoring resources with AWS CloudWatch

Amazon CloudWatch is configured out-of-the-box to integrate with EC2, offering two levels of monitoring capabilities:

  • Basic monitoring, which requires no additional fee, includes seven pre-selected metrics and three status-check metrics produced at five-minute and one-minute intervals, respectively.
  • Detailed monitoring, which comes at an additional charge, increases the frequency of all metrics to one-minute intervals.

Additional AWS services that CloudWatch can monitor automatically include the following:

  • EBS: Monitors read/write latency and similar measurements.
  • RDS database instances: Monitors metrics, such as storage space and free-able memory.
  • SQS Queues: Monitors messages sent, messages received, and other key metrics.
  • SNS Topics: Monitors common metrics, like the number of published and delivered messages.

Can AWS CloudWatch monitor custom metrics?

Amazon CloudWatch is capable of monitoring custom metrics from data produced by your applications, scripts, and services. Custom metrics can include anything, from web page load time or the amount of work performed by your application. PutMetricData API is the easiest way to get started with custom metrics, but you can also use several other applications and tools offered by AWS partners.

Does AWS CloudWatch charge for all monitoring

Amazon CloudWatch offers Basic AWS Monitoring at no cost for EC2 instances. Data included in Basic monitoring includes CPU load, disk I/O, and network I/O metrics, which are collected in five-minute intervals with two-week storage.

Other Amazon CloudWatch features and capabilities

Beyond its automatically configured monitoring capabilities, CloudWatch can be extended to monitor metrics from additional AWS services and even external applications. Through API requests, users can enable the same core functionality of CloudWatch for their custom data. CloudWatch also can function for basic monitoring of system logs, allowing users to track and analyze specific metrics.

AWS CloudWatch dashboards

The CloudWatch dashboard interface allows users to create custom graphical views across their AWS services. These can include both real-time data and historical data for up to a two-week maximum.

AWS CloudWatch alarms

Users also can set alarms that will trigger whenever a metric crosses a specified limit, allowing them to take quick actions on real-time data or easily spot resources that are being underutilized. Some responsive actions can even be automated using a rules engine built into the service.

AWS CloudWatch vs. AWS CloudTrail

AWS Cloudwatch is a monitoring tool that provides visibility into the performance of your AWS resources and applications. AWS CloudTrail is a logging tool for AWS account activity and API usage for compliance, monitoring, and risk auditing.

How do I check my AWS CloudWatch logs?

Using AWS CloudWatch, you can view log data on a stream-by-stream basis. All log data is sent by the CloudWatch Logs agent to CloudWatch logs. The data can easily be reviewed by the time range specified for the log data.

How to view log data:

  1. Open your CloudWatch console
  2. Select Log groups from the navigation window
  3. Choose the log group you want to review to view the streams
  4. Pick the name of the log group you want to view from the available list of log groups
  5. From here, you can expand log events, view them as plain text, filter, and specify date/time ranges.

Click here to learn more about monitoring AWS CloudWatch logs.

Using Sumo Logic to collect data from AWS CloudWatch

Using Sumo Logic, you can collect CloudWatch logs using our AWS Lambda function to subscribe to your CloudWatch Log Group. Our AWS Lambda function converts the CloudWatch log format into a format compatible with Sumo Logic, then POSTs the data directly to a Sumo HTTP Source. This is the preferred method for the following types of data: Custom CloudWatch log data, Amazon VPC Flow logs and AWS Lambda logs.

For more information on collected Amazon CloudWatch data in Sumo Logic click here.

FAQs

What are some best practices for setting up effective Amazon CloudWatch alarms?

  • Establish precise thresholds for triggering alarms based on key metrics such as CPU utilization, network traffic, or error rates.

  • Ensure your alarms are based on sufficient data history to avoid false positives.

  • Create derived metrics or composite alarms that combine multiple metrics.

  • Configure Simple Notification Service (SNS) to receive timely notifications when alarms are triggered.

  • Enable self-healing capabilities in response to alarms.

  • Continuously review alarm configurations and adjust thresholds as needed

  • Document alarm procedures, including escalation paths and response protocols, to streamline incident management.

Why do organizations choose AWS CloudWatch over its competitors?

Amazon CloudWatch stands out among its competitors due to its seamless integration with the broader Amazon Web Services (AWS) ecosystem. While competitors may offer similar monitoring capabilities, CloudWatch's deep integration with various AWS services like Amazon EC2, Amazon S3, and AWS Lambda provides a comprehensive solution for monitoring and managing resources within the AWS environment. This level of integration allows users to easily set up monitoring for their AWS resources without the need for complex configurations or additional third-party tools.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.