Mastering AWS Monitoring: CloudWatch Metrics, Alarms, Logs, EventBridge & CloudTrail in One Go!

CloudWatch Metrics (Performance Tracking)

Think of CloudWatch Metrics like a fitness tracker for your AWS services. Just like a fitness tracker measures your steps, heart rate, or sleep, CloudWatch Metrics measure things like

• CPU usage of a server
• Memory consumption
• Number of requests to a website
• Disk space usage

AWS collects this data and shows it in easy-to-read charts, so you can see how well your system is running

CloudWatch Alarms (Automatic Alerts & Actions)

Now, imagine your fitness tracker alerts you when your heart rate is too high. That’s exactly what CloudWatch Alarms do for your AWS services!

You can set an alarm to notify you or take action when something goes wrong. For example:

• If CPU usage goes above 80%, send an alert to your email.
• If disk space is almost full, automatically add more storage.
• If a server is not responding, restart it automatically

CloudWatch Metrics = Monitors AWS performance

CloudWatch Alarms = Sends alerts or takes action when something unusual happens

Cloud Watch Matrics

This image is from AWS CloudWatch Metrics, and it shows different AWS services being monitored. Here’s what it tells us in simple words

• All Metrics" Section : This means CloudWatch is collecting data from different AWS services and displaying them in one place .
• Different AWS Services Listed : The image shows metrics for DynamoDB, EC2, RDS, S3, EBS, Logs, and Elastic Beanstalk. ,
• Each of these has a number next to it, which indicates how many metrics are being tracked.
• Example: EC2 has 59 metrics, meaning AWS is monitoring 59 different performance factors for EC2 instances.
• Search & Filtering Options : You can search for specific metrics using the search bar.
• The "View automatic dashboard" link lets you see detailed graphs and reports for each service

CloudWatch Alarms

You can directly create this alarm when ypu ec2 instance has launched i have gives you a short demo

If ypu want to enable billing alarm then visit on us-east-1 to check billing option

What is CloudWatch Logs

What are Logs ?

Logs are records of activities and events happening in a system. Every time something happens, the system writes a log entry to keep track of it.

Think of CloudWatch Logs as a notebook where AWS services write down everything they are doing. These logs help in troubleshooting, monitoring, and security analysis.

CloudWatch Logs with a Fitness Tracker Example

Imagine you have a smart fitness tracker that records your daily activities. It keeps track of :

• Steps Taken – Every step you take is recorded as a log entry.
• Heart Rate Changes – If your heart rate spikes, the tracker logs the event.
• Workout Sessions – When you start and stop a workout, the tracker logs the time and calories burned.
• Sleep Tracking – Your sleep cycles and interruptions are logged.

Now, if one day you feel tired and want to know why, you can check your fitness logs to see if:

• You had fewer steps than usual.
• Your heart rate was too high or too low.
• Your sleep was disturbed.

Similarly, in AWS CloudWatch Logs, services like EC2, Lambda, and RDS write logs about what is happening, such as

• When a server starts or stops.
• When an error occurs.
• When someone logs into an AWS resource.

Note : EC2 Instance & ON - Premises need a CloudWatch Agent to Push a log's on cloud watch

Click on CloudWatch Logs create a Create log group

Log Generated We can also use Lambda function to create this log here we have use python code to create this log

If you want to use this code to practice with CloudWatch Logs, first configure AWS by running:

aws configure | Access key | Secret access key        

Then, install Boto3 using the pip command:

pip install boto3        

Finally, run the script. ??

import boto3
import time

# Initialize CloudWatch Logs client
client = boto3.client('logs', region_name="us-west-2")  # Change region if needed

# Define Log Group & Log Stream
log_group_name = "Learning-logGroup"
log_stream_name = "learninglogstream"

# Step 1: Ensure Log Group Exists
try:
    client.create_log_group(logGroupName=log_group_name)
    print(f"? Log Group '{log_group_name}' created!")
except client.exceptions.ResourceAlreadyExistsException:
    print(f"?? Log Group '{log_group_name}' already exists.")

# Step 2: Ensure Log Stream Exists
try:
    client.create_log_stream(logGroupName=log_group_name, logStreamName=log_stream_name)
    print(f"? Log Stream '{log_stream_name}' created!")
except client.exceptions.ResourceAlreadyExistsException:
    print(f"?? Log Stream '{log_stream_name}' already exists.")

# Step 3: Get Upload Sequence Token (if required)
try:
    response = client.describe_log_streams(logGroupName=log_group_name, logStreamNamePrefix=log_stream_name)
    log_streams = response.get("logStreams", [])
    sequence_token = log_streams[0].get("uploadSequenceToken") if log_streams else None
except Exception as e:
    print(f"? Error getting sequence token: {e}")
    sequence_token = None

# Step 4: Send Logs to CloudWatch
log_events = [
    {
        "timestamp": int(time.time() * 1000),  # Current time in milliseconds
        "message": "?? First log Send By linkedin burhankhan503: CloudWatch logging started! "
    },
    {
        "timestamp": int(time.time() * 1000),
        "message": "? Second log linkedin burhankhan503: Logs successfully sent!"
    }
]

try:
    put_log_args = {
        "logGroupName": log_group_name,
        "logStreamName": log_stream_name,
        "logEvents": log_events
    }
    if sequence_token:
        put_log_args["sequenceToken"] = sequence_token

    response = client.put_log_events(**put_log_args)
    print("?? Logs sent by linkedin burhankhan503 successfully!")
except Exception as e:
    print(f"? Error sending logs: {e}")
        

What is EventBridge

AWS EventBridge is a serverless event bus that helps different AWS services and applications communicate with each other in real time. It works by routing events from sources (like AWS services or custom applications) to targets (like Lambda, SQS, SNS, etc.)

Example Using EventBridge

Imagine you have a fitness app that tracks users' workouts. You can use EventBridge to automate actions based on events

?? Scenario: Automated Workout Rewards

• Event Source: A user completes a workout (Event triggered in the app).
• EventBridge Rule: Detects the event when a user completes a workout.
• Target (Action): Sends a notification using SNS (Amazon Simple Notification Service) to congratulate the user and update their reward points in DynamoDB.

How It Works (Flow)

1?? User finishes a workout (event generated).

2?? EventBridge captures the event and matches it to a rule.

3?? EventBridge routes the event to multiple targets:

• SNS: Sends a notification ("Great job! You completed a workout! ??")
• Lambda: Updates reward points in DynamoDB (+10 points).
• S3 (Optional): Stores workout history in a log file.

Example EventBridge Event (JSON Format)

{
  "source": "fitness.app",
  "detail-type": "WorkoutCompleted",
  "detail": {
    "user_id": "12345",
    "workout_type": "Running",
    "duration": "30 minutes",
    "calories_burned": 250
  }
}        

? Benefits of EventBridge in Fitness Apps

• Real-time event-driven automation (instant notifications & updates).
• Decoupled architecture (easy to scale and add new features).
• Serverless & fully managed (no need to manage infrastructure).

Hands On CloudWatch EventBridge

What is AWS CloudTrail Explained with a Fitness App

AWS CloudTrail is a service that helps you track user activity and API calls in your AWS account. It records every action taken, whether by a user, service, or AWS itself, and stores the logs for auditing and security purposes

Imagine you have a Fitness App hosted on AWS. Users log in, track workouts, and store data on the cloud. AWS CloudTrail helps you monitor all activities and ensure security.

AWS CloudTrail - Key Features & Steps

1. Provides Governance, Compliance & Audit : Tracks all actions taken in your AWS account. Helps with security audits and compliance reports
2. Enabled by Default : No setup required; AWS automatically records the last 90 days of events.
3. Records History of Events & API Calls : Tracks activities performed using AWS Console , SDKs , CLI , AWS Services
4. Stores Logs in CloudWatch or S3 : Logs can be sent to CloudWatch for real-time monitoring , Logs can be archived in S3 for long-term storage and analysis
5. Trail Configuration : You can apply CloudTrail logs to all AWS regions (default), Alternatively, you can create a trail for a specific region
6. Use CloudTrail for Security Investigations : If a resource (e.g., an EC2 instance) is deleted, check CloudTrail logs. Helps identify who, when, and how the action occurred.

AWS Cloud Health Dashboard

The AWS Cloud Health Dashboard helps you check if AWS services are working properly. It shows if there are any issues, outages, or maintenance happening

Types of AWS Health Dashboards

1?? AWS Service Health Dashboard

• ?? Website: https://health.aws.amazon.com/
• ?? Shows live status of AWS services (like EC2, S3, RDS).
• ?? Helps you know if AWS is having problems in your region.

2?? AWS Personal Health Dashboard (PHD)

• ?? Available in your AWS account.
• ?? Gives alerts if your AWS resources (like your EC2 servers) are affected.
• ?? Helps you fix issues quickly.

3?? AWS CloudWatch Dashboard

• ?? A tool to monitor your AWS resources.
• ?? Shows graphs for CPU usage, memory, and network traffic.
• ?? Helps you keep track of performance and avoid problems.

?? Simple Example: If AWS S3 is down, you can check the AWS Service Health Dashboard to confirm the issue. If only your EC2 instance is having trouble, the Personal Health Dashboard will notify you.

What is AWS SQS

AWS SQS (Simple Queue Service) is a service that helps different parts of an application communicate by sending, storing, and receiving messages in a queue. It ensures that messages are delivered even if one part of the system is slow or temporarily down

Example: Fitness App Using SQS ???♂???

Imagine you have a fitness app where users can request personalized workout plans

1?? User Requests a Workout Plan

• The user fills in details (age, fitness level, goals) and submits a request.
• The app sends this request to an SQS queue.

2?? SQS Holds the Request in a Queue

• The request waits in the queue until a workout generator system is ready.
• This ensures the app doesn’t crash if many users request plans at once.

3?? Backend System Processes Requests One by One

• A workout generator system picks requests from the SQS queue.
• It creates a personalized workout plan and sends it back to the user.

4?? User Gets the Workout Plan

• Once the request is processed, the user receives a custom workout plan.

?? Why Use SQS?

? Ensures requests don’t get lost.

? Handles high traffic smoothly.

? Prevents slow responses by allowing background processing.

Hands On

What is SNS (Simple Notification Service)

AWS SNS (Simple Notification Service) is a messaging service that sends notifications to users or systems. It helps apps communicate with people through SMS, email, or push notifications

?? Example: Fitness App

Imagine you have a Fitness App that tracks a user’s workouts

• When a user completes a workout, SNS sends a push notification:

?? "Great job! You completed your workout. Keep going!"

• If a user forgets to work out, SNS can send a reminder via SMS or email:

?? "Hey! Time for your daily workout. Stay active!"

SNS helps the app automate notifications and keep users engaged! ??

Hands On

#AWSMonitoring #CloudWatch #CloudTrail #EventBridge #DevOps #AWSLogs #Observability #AWSTraining #CloudComputing #AWSAlarms #TechLearning ??