AWS Monitoring 101

Monitoring is the practice of observing and documenting real-time resource use. It offers decision-making mechanisms for capacity planning. It helps system or operations engineers identify problems before they become a concern. Monitoring contributes to high availability and high-quality customer support. Monitoring also offers insight into efficiency, consumption, and scalability.

AWS is the market’s largest cloud storage provider. AWS offers managed systems for reporting and maintenance in addition to compute, storage, networking, and other services. It has an alert feature with notification to inform end users about resource use or expense. AWS offers various forms of tracking and use cases through AWS CloudWatch, AWS CloudTrail, and AWS Config.

AWS CloudWatch

Amazon CloudWatch continuously tracks AWS infrastructure and AWS-hosted software. It offers comprehensive insight into resource use, application efficiency, and organizational health across the whole system. It can be used to capture and monitor metrics, log files, and set alarms.

Image Retrieved from: https://aws.amazon.com/cloudwatch/

Collect — Gather metrics and logs from all AWS services.

Monitor — CloudWatch helps you to visualize apps and networks.

Act — Automate response to operational changes.

Analyze — CloudWatch metrics allow for real-time analysis.

CloudWatch provides actionable feedback to help you improve application efficiency, track resource use, and understand the overall health of your system. CloudWatch offers up to 1-second visibility into metrics and log data, as well as 15 months of data retention (metrics) and the ability to perform calculations on metrics.

CloudWatch Logs service allows you to collect and store logs from your resources, applications, and services in near real-time. There are three main categories of logs:

1) Vended logs. These are natively published by AWS services on behalf of the customer. Currently Amazon VPC Flow Logs and Amazon Route 53 logs are the two supported types.

2) Logs that are published by AWS services. Currently over 30 AWS services publish logs to CloudWatch. These services include Amazon API Gateway, AWS Lambda, AWS CloudTrail, and many others.

3) Custom logs. These are logs from your own application and on-premises resources. You can use AWS Systems Manager to install a CloudWatch Agent, or you can use the PutLogData API action to easily publish logs.

Amazon CloudWatch Application Insights

The following concepts are important for understanding how Application Insights monitors your application.

Component — An auto-grouped, standalone, or custom grouping of similar resources that make up an application. We recommend grouping similar resources into custom components for better monitoring.

Observation — An individual event (metric anomaly, log error, or exception) that is detected with an application or application resource.

Problem — Problems are detected by correlating, classifying, and grouping related observations.

AWS CloudTrail

AWS CloudTrail enables governance, compliance, operational auditing and risk auditing of an AWS account.

Features:

• CloudTrail provides a history of AWS API calls for an AWS account.

• API calls history simplifies security analysis, resource change tracking and troubleshooting.

• It provides visibility into user activity in an AWS account.

• CloudTrail typically delivers log files within 15 minutes of an API call.

• CloudTrail logs can be stored in an S3 bucket with server-side encryption.

• Can be integrated with CloudWatch for different use cases.

• AWS CloudTrail expands the tracking functionality that AWS currently offers.

• CloudTrail can be used to receive updates or warnings from Amazon SNS.
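
To make the "security analysis" use of the API call history concrete, here is an added example (not from the original article or from AWS) that triages CloudTrail records for a few security-relevant events. The sample log is constructed, and the rule names and the choice of events to flag are assumptions made for illustration.

```python
import json

# Constructed sample in the CloudTrail log-file layout (top-level "Records" list).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2021-06-01T10:07:03Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutBucketPolicy", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2021-06-01T10:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "responseElements": None,
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventTime": "2021-06-01T10:02:11Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"}},
    {"eventTime": "2021-06-01T10:05:40Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"},
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}},
]})

# Illustrative rule sets (assumed for this example, not an exhaustive policy).
TRAIL_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}
DENIED = {"AccessDenied", "Client.UnauthorizedOperation", "UnauthorizedOperation"}

def classify(rec):
    """Return the finding labels that apply to one CloudTrail record."""
    findings = []
    if (rec.get("eventSource") == "cloudtrail.amazonaws.com"
            and rec.get("eventName") in TRAIL_TAMPERING):
        findings.append("trail-tampering")
    if (rec.get("userIdentity") or {}).get("type") == "Root":
        findings.append("root-activity")
    if (rec.get("eventName") == "ConsoleLogin"
            and (rec.get("responseElements") or {}).get("ConsoleLogin") == "Success"
            and (rec.get("additionalEventData") or {}).get("MFAUsed") == "No"):
        findings.append("console-login-without-mfa")
    if rec.get("errorCode") in DENIED:
        findings.append("access-denied")
    return findings

def triage(log_text):
    """Return (eventTime, finding, actor ARN, eventName) tuples in time order."""
    records = json.loads(log_text).get("Records", [])
    hits = []
    for rec in sorted(records, key=lambda r: r.get("eventTime", "")):
        actor = (rec.get("userIdentity") or {}).get("arn", "unknown")
        hits += [(rec.get("eventTime"), f, actor, rec.get("eventName")) for f in classify(rec)]
    return hits

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(*hit, sep="  ")
```

Optional fields such as `responseElements` can be null or absent in real records, which is why every lookup falls back to an empty dictionary.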

 

Image Retrieved From: https://aws.amazon.com/cloudtrail/

 

AWS Config

AWS Config enables authentication and governance by providing AWS resource inventory, configuration history, and configuration change notifications.

Features:

• Config provides a detailed view of the configuration of AWS resources in an AWS account.

• Notifications can be triggered whenever a resource is created, modified or deleted.

• In an AWS account, customers have a soft cap of 50 AWS Config Rules, which can be expanded.

• Config saves AWS resource setup information at a given point in time.

• Config is designed to help in scenarios such as resource administration, auditing, compliance and security analysis, and managing and troubleshooting configuration changes.

 

Image Retrieved From: https://aws.amazon.com/config/

 

Best Practices for AWS Monitoring:

Monitor the End User Experience

Automate monitoring tasks as much as possible

Use AWS Config regularly for resource configuration history and enforcement.

Configure AWS CloudWatch for AWS services and set alarms according to your application’s requirements.

Check and analyze the log files on a regular basis.

Create Advanced Monitoring scripts by hand.

For a complete picture, integrate metrics, flows, and logs.

Monitor, Notification and Alert on Cloud Resource Consumption.

 

Jun 2021 - 5 min read

Piyush Jalan


Senior Cloud Consultant / AWS APN Ambassador
