Recommended
More Related Content
What's hot
What's hot (20)
Similar to Application & Account Monitoring in AWS
Similar to Application & Account Monitoring in AWS (20)
More from Bhuvaneswari Subramani
More from Bhuvaneswari Subramani (20)
Recently uploaded
Recently uploaded (20)
Application & Account Monitoring in AWS
- 1. Copyright © 2019. Infor. All Rights Reserved. Application & Account Monitoring in AWS Bhuvaneswari Subramani
- 2. (2) Amazon CloudWatch Agenda Application vs Account Monitoring AWS CloudTrail Practical Usage
- 4. (4) M o n i t o r i n g Application vs Account Monitoring Instance with CloudWatch Agent AWS Resource Monitoring Application Logs Application Monitoring
- 5. (5) M o n i t o r i n g Application vs Account Monitoring WEB CONSOLE COMMAND LINE TOOLS SDK Account Monitoring Instance with CloudWatch Agent AWS Resource Monitoring Application Logs Application Monitoring
- 6. (6) M o n i t o r i n g Application vs Account Monitoring ACCOUNT MONITORING AWS CloudTrail Monitors API Activity Enabled by default One trail per region is free Delivers an event within 15 mins of API Call APP & AWS RESOURCE MONITORING Amazon CloudWatch Monitors App & AWS Resources Enabled by default Basic monitoring at 5 min interval is free Basic, detailed monitoring at 5 & 1 min interval
- 8. (8) C l o u d Wa t c h Amazon CloudWatch Collect and track metrics Set Alarms Collect and monitor log files Automatically react to changes in your AWS resources A monitoring service for AWS cloud resources and the applications you run on AWS or on On-Premise
- 9. (9) C l o u d Wa t c h Accessing CloudWatch AWS Management Console AWS Command Line Tools AWS SDKs Amazon CloudWatch API
- 10. (10) C l o u d Wa t c h How CloudWatch Works CW Agent from EC2 Amazon CloudWatch Other Metrics… SRV1 – CPU-Percent Hrs / Week - Count SRV2- CPU-Percent Metrics Amazon CloudWatch Alarm AWS Management Console Statistics Consumer Auto Scaling Actions SNS Email notification Available Statistics Source CW Agent from On-prem server
- 11. (11) C l o u d Wa t c h CloudWatch Key Concepts Metrics Dashboards Alarms Logs Events
- 12. (13) C l o u d Wa t c h CloudWatch Metrics • Metrics are data about the performance of your systems • AWS services send metrics to CloudWatch, and you can send your own custom metrics to CloudWatch. • Metric data cannot be deleted; It retires after 15 months • Metrics exist only in the Region in which they are created • You can view from CloudWatch console as well as respective Service console • Supported Metrics
- 13. (14) C l o u d Wa t c h CloudWatch Metrics
- 14. (15) 15,269 C l o u d Wa t c h CloudWatch Metrics
- 15. (16) High Resolution Custom Metrics Data points with a period < 60 seconds Available for 3 hours Detailed Data points with a period = 60 seconds (1 min) Available for 15 days Standard Data points with a period < 60 seconds (5 min) Available for 63 days Extended Retention Data points with a period = 3000 seconds (1 hr) Available for 455 days (15 months) C l o u d Wa t c h Data Retention for Metrics
- 16. (17) C l o u d Wa t c h Data Retention for Metrics High Resolution Custom Metrics Data points with a period < 60 seconds Available for 3 hours Detailed Data points with a period = 60 seconds (1 min) Available for 15 days Standard Data points with a period < 60 seconds (5 min) Available for 63 days Extended Retention Data points with a period = 3000 seconds (1 hr) Available for 455 days (15 months)
- 17. (18) C l o u d Wa t c h CloudWatch Dashboards • Amazon CloudWatch dashboards are customizable to monitor resources spread across different regions • Dashboards can be created by using the console, the AWS CLI, or the PutDashboard API. • Can create Cross Region & Cross Account Dashboards • Key Attributes • Automated Dashboards pre-built with AWS Service • Can share Dashboards • Auto refresh
- 18. (19) C l o u d Wa t c h CloudWatch Dashboards
- 19. (20) C l o u d Wa t c h CloudWatch Alarms • You can create an alarm to monitor any Amazon CloudWatch metric in your account • States – OK || ALARM || INSUFFICIENT_DATA • Example: • Watch CPU utilization & Alert / Act as part of ASG • Amazon SQS queue length • Billing Alert
- 20. (21) C l o u d Wa t c h CloudWatch Alarms - Billing
- 21. (22) C l o u d Wa t c h CloudWatch Logs • CloudWatch Logs lets you monitor and troubleshoot your systems and applications using your existing system, application and custom log files. • Create LogGroups for focused monitoring • LogStream – sequence of log events from the same source • Log Categories • Vended Logs Ø Custom metrics cannot be deleted but expires based on the retention policy • Logs published by AWS services Ø Ex: Amazon API Gateway, AWS Lambda, AWS CloudTrail, and many others. • Custom Logs Ø Logs from your own application and on-premises resources
- 22. (23) C l o u d Wa t c h CloudWatch Logs
- 23. (24) C l o u d Wa t c h CloudWatch Events • Amazon CloudWatch Events (CWE) is a stream of system events describing changes in your AWS resources. • Write & associate rules with events to take automated actions • Helps to respond to state changes • You can schedule Events at Fixed schedule using Unix cron syntax
- 24. (25) ShutdownEC2Instance 12 C l o u d Wa t c h CloudWatch Events
- 26. (29) C l o u d Tr a i l Amazon CloudTrail Security Analysis Visibility into resource & user activity Compliance Troubleshooting AWS CloudTrail allows AWS customers to record API calls, sending log files to Amazon S3 buckets or Amazon CloudWatch for storage.
- 27. (30) C l o u d Tr a i l How CloudTrail Works S3 SNS Email notification Source AWS CloudTrail AWS SDK AWS Management Console AWS Command Line Interface Trail Per Region All Region Events Management Events Data Events Organizations Yes No Amazon CloudWatch Alarm
- 28. (31) C l o u d Tr a i l CloudTrail Key Concepts Trails Insights Event History Dashboard
- 29. (32) C l o u d Tr a i l Tech Tales of a Trail • A trail can be created specific to one region or all regions • An Organization trail can be created in master account • Members can view but not modify or delete • You can alter region, insights after trail is created • CloudTrail typically delivers log files within 15 minutes of account activity • Encryption • By default, CloudTrail event log files are encrypted using Amazon S3 server-side encryption (SSE) • You can also encrypt your log files with an AWS Key Management Service (AWS KMS) key
- 30. (33) C l o u d Tr a i l Tech Tales of a Trail – continued.. • Events • Management Events – logs control plane events • User Activity – Ex: Login • Configuring Security – Ex: IAM • Setup logging - Ex: Create trail • Data Events – logs data plane events • Amazon S3 object-level Event • AWS Lambda function execution activity
- 31. (34) C l o u d Tr a i l Create Trail
- 32. (35) C l o u d Tr a i l Create Trail
- 33. (36) C l o u d Tr a i l Create Trail ShutdownEC2Instance
- 34. (37) C l o u d Tr a i l Create Trail
- 35. (38) C l o u d Tr a i l Insight Events • CloudTrail Insights events capture unusual activity in your AWS account • By default disabled when you create a trail • Insights gets logged in separate suffix in S3 bucket (CloudTrail_Insights) • When does it logs ? • An Insights event is logged at the start of the unusual activity • And ten minutes later, when the unusual activity ends, another Insights event is logged to mark the end of the unusual activity • Example: Assume you usually delete 5 S3 buckets in a week and suddenly it goes up to 30, Insights will log that event separately
- 36. (39) <bucket name> <Account no> <bucket name> C l o u d Tr a i l Insight Events
- 37. (40) C l o u d Tr a i l Event History • Event history contains the activities taken by • Users • Groups • Supported AWS services your AWS account
- 38. (41) C l o u d Tr a i l CloudTrail Events History
- 39. (42) C l o u d Tr a i l Dashboard
- 41. (44) U s a g e CloudWatch & CloudTrail Usage Log Everything Centrally AWS CloudTrail • Enable in All regions • Log to central bucket in security account AWS Config • Turn on & log to central bucket in security account • Include global resources VPC Flowlogs Application Logs Amazon S3 Amazon Glacier
- 42. (45) U s a g e CloudWatch & CloudTrail Usage Log Everything Centrally AWS CloudTrail • Enable in All regions • Log to central bucket in security account AWS Config • Turn on & log to central bucket in security account • Include global resources VPC Flowlogs Application Logs Amazon S3 Amazon Glacier Amazon ElasticSearch Amazon EC2 Amazon CloudWatch
- 43. (46) U s a g e CloudWatch & CloudTrail Pricing AWS CloudTrail One trail per region is free Management event for first trail is free but data event, Insights are chargeable $0.10 per 100,000 Data events CloudTrail Insights events are charged at $0.35 per 100,000 write management events analyzed Refer CloudTrail Pricing for up-to-date rate Amazon CloudWatch Basic monitoring at 5 min interval is free Detailed monitoring at 1 min interval is chargeable $0.30 per metric for first 10,000 metrics $0.01 per 1,000 metrics requested through GetMetricData, GetInsightRuleReport API Refer CloudWatch Pricing for up-to-date rate
- 44. (47) U s a g e CloudWatch & CloudTrail Pricing AWS CloudTrail One trail per region is free Management event for first trail is free but data event, Insights are chargeable $0.10 per 100,000 Data events CloudTrail Insights events are charged at $0.35 per 100,000 write management events analyzed Refer CloudTrail Pricing Amazon CloudWatch Basic monitoring at 5 min interval is free Detailed monitoring at 1 min interval is chargeable $0.30 per metric for first 10,000 metrics $0.01 per 1,000 metrics requested through GetMetricData, GetInsightRuleReport API Refer CloudWatch Pricing
- 45. (48) U s a g e Reference Links • Amazon CloudWatch MindMap • Amazon CloudWatch User Guide • AWS CloudTrail User Guide • AWS Pricing Calculator
- 46. Copyright © 2019. Infor. All Rights Reserved. Thank you Copyright © 2019. Infor. All Rights Reserved. https://installjournal.blogspot.com https://www.linkedin.com/in/bhuvanas/ @installjournal