[AWS Cloud Fundamental Notes] CloudWatch and CloudTrail
Introduction to the usage and operational mechanisms of CloudWatch and CloudTrail
Amazon CloudWatch monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time.
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account.
CloudWatch Logs
Collects custom logs from applications.
CloudWatch Metrics
Creates visual charts.
CloudWatch Alarm
Sets up alert conditions for logs to trigger subsequent actions, such as sending SNS notifications or triggering actions on other AWS resources via CloudWatch Events.
CloudWatch Agent
By default, memory and disk usage on machines cannot be monitored; the agent needs to be installed on the server manually.
Application logs can also be written to a specified folder and then collected into CloudWatch Logs through the agent.
Monitoring Aspects
Server Operation Status
Each server sends logs to a separate log stream through the agent and then to CloudWatch Logs, facilitating monitoring of each server’s operation status.
Service Operation Status
By grouping multiple log streams into a Log Group, the overall operation status of the service can be evaluated.
CloudTrail
Tracks user activity and API usage: AWS CloudTrail
Used to record user operations on AWS. Records can be stored in S3, and visual monitoring and notifications can be set up through the CloudWatch Logs service.
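The alert condition described above, worked through offline as an added example (not code from these notes or from AWS): CloudTrail records in a log stream are matched against a filter condition, counted per period, and a period goes into alarm when the count reaches a threshold. The log lines are constructed, and the 300-second period, the threshold of 3 and the "rejected for lack of permission" condition are assumptions chosen for illustration.

```python
import json
from collections import Counter
from datetime import datetime, timezone

# Constructed CloudTrail records, one JSON event per line, as they would
# arrive in a CloudWatch Logs log stream. All values are made up.
SAMPLE_LOG_LINES = [
    '{"eventTime":"2024-01-01T10:00:05Z","eventName":"GetObject","errorCode":"AccessDenied"}',
    '{"eventTime":"2024-01-01T10:01:10Z","eventName":"RunInstances","errorCode":"Client.UnauthorizedOperation"}',
    '{"eventTime":"2024-01-01T10:03:40Z","eventName":"ListBuckets"}',
    '{"eventTime":"2024-01-01T10:04:59Z","eventName":"PutObject","errorCode":"AccessDenied"}',
    '{"eventTime":"2024-01-01T10:07:00Z","eventName":"DescribeInstances","errorCode":"Client.UnauthorizedOperation"}',
    'truncated or non-JSON line',
]
PERIOD_SECONDS = 300   # assumed alarm period
THRESHOLD = 3          # assumed: alarm when >= 3 matches fall in one period
TIME_FORMAT = "%Y-%m-%dT%H:%M:%SZ"


def is_unauthorized(event):
    """Filter condition: the API call was rejected for lack of permission."""
    code = str(event.get("errorCode") or "")
    return code.startswith("AccessDenied") or code.endswith("UnauthorizedOperation")


def metric_datapoints(lines, period=PERIOD_SECONDS):
    """Count matching events per period, as a filter emitting 1 per match would."""
    counts = Counter()
    for line in lines:
        try:
            event = json.loads(line)
            when = datetime.strptime(event["eventTime"], TIME_FORMAT)
        except (ValueError, KeyError, TypeError):
            continue  # skip lines that are not well-formed CloudTrail records
        if is_unauthorized(event):
            epoch = int(when.replace(tzinfo=timezone.utc).timestamp())
            counts[epoch - epoch % period] += 1
    return dict(counts)


def alarm_periods(datapoints, threshold=THRESHOLD):
    """Return the start time of every period whose count reaches the threshold."""
    return sorted(
        datetime.fromtimestamp(start, timezone.utc).strftime(TIME_FORMAT)
        for start, count in datapoints.items() if count >= threshold
    )


if __name__ == "__main__":
    points = metric_datapoints(SAMPLE_LOG_LINES)
    print("periods in ALARM:", alarm_periods(points))
```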