About Us

Citrus Consulting Services is the Consulting and the Transformation Services arm of Redington Gulf.

Sunday – Thursday: 9:00AM–6:00PM (Sales), Sunday – Saturday: 24×7 / 365 (Support) E.O#3, Ground Floor, Building 01 Dubai Internet City, P.O Box 501 761 Dubai, UAE (+971) 04 516 1500
(+966) 11 462 5323
Citrus Consulting Services

Introduction to AWS CloudWatch

Amazon CloudWatch is a service used for real-time monitoring AWS resources like EC2 instances, EBS, RDS, load balancer, lambda, Cognito, S3, etc. and also can use for monitoring on-prem resources. CloudWatch is a useful service to collect & track matrices, monitor log files, set alarms. It automatically provides metrics for CPU utilization, latency and request count. Additionally, custom CloudWatch metrics can also be monitored such as memory usage, error rates, etc. in a detailed manner. It’s useful service for cronjob and automation purposes.


List the Available CloudWatch Metrics for Your Instances

By default, EC2 sends metrics to Amazon CloudWatch and each data point covers the 5 minutes that follow the start time of activity for the instance. Using CloudWatch detailed monitoring, each data point covers the next minute of activity from the start time.


Let’s See CloudWatch Dashboards on AWS

You can create your dashboards with any metrics from CloudWatch (including custom metrics). You can also use math matrices functions to create computed metrics and include them in your dashboards.


What is CloudWatch Event?


CloudWatch Events allows users to consume a near real-time stream of events like changes to their AWS environment takes place. These event changes can afterword trigger notification services like SNS, SMS, etc. or can trigger other AWS services like Lambda, SSM, Step function. CloudWatch Events can monitor actions like an AWS service (Eg: EC2 instance) being launched or stopped/ terminated and detect when an auto-scale happens.

Using CloudWatch event you can create a custom role to trigger targeted AWS resources for automation purposes based on event, role or time schedule.

  • Events – generated in four ways. It is represented by the JSON script. They can happen from within AWS when the resource changes its state or events are generated by API calls and console sign-ins that are delivered to Amazon CloudWatch Events via CloudTrail or when your own code can generate application-level events and publish them to Amazon CloudWatch Events for processing. The last way is that they can be issued on a scheduled basis, with options for periodic or Cron-style scheduling.
  • Rules – match incoming events and route them to one or more targets or processing. Rules do not have any order for processing, all the rules matching for an event will be processed.
  • Targets – process events and are specified within the rules. There are some initial target types:

What is CloudWatch Agent?

AWS provides CloudWatch agent that can be configured on the EC2 instances to send Custom Metrics to CloudWatch. That agent supports multiple operating systems like Amazon Linux, CentOS, Red hat, Windows Server (2008 onwards), Debian, Ubuntu OS. The help of IAM role access, the agent to collect live metrics from the server and send these custom & detailed data to CloudWatch Dashboard for better monitoring experience.

You can install the agent on an on-premises server, you need to specify a named profile that contains the credentials of the IAM user that you created earlier for CloudWatch access.

CloudWatch Agent AWS Download Link

What is CloudWatch Alarm?

You can create a CloudWatch alarm that based on target CloudWatch metric or the result of a math expression based on CloudWatch metrics. The alarm does perform one or multiple actions based on metric value or specified matrices condition reached a threshold over several time periods. The action can be an AWS resource (E.g.: An Amazon EC2 action, an EC2 Auto Scaling action, a Lambda function, or a notification sent to an SNS topic).


CloudWatch dashboards are designed with a goal of providing better visibility when monitoring AWS resources across regions in a consolidated view. Since CloudWatch dashboards are highly customizable, users can create their own custom dashboards to graphically represent data for varying metrics such as utilization, performance, estimated billing, and now alarm conditions. When an alarm is on a dashboard, it turns red when it is in the ALARM state, that makes easier for you to monitor its status proactively.

What is Amazon CloudWatch Logs?

CloudWatch Logs helps users to access, monitor & store access log files from AWS resources like EC2, Lambda functions, CloudTrail, Route 53, and other sources. CloudWatch Logs enables you to centralize the logs from all your systems, applications, and AWS services that you use, in a single, highly scalable service. With the help of CloudWatch Logs, you can troubleshoot your systems and applications. It offers near real-time monitoring and users can search, filter for specific phrases, values or patterns. Metric filters define the patterns and the terms to look for in log data as it is sent to CloudWatch Logs. You can use subscriptions to get access to a real-time feed of log events from CloudWatch Logs and have it delivered to other services such as an Amazon Kinesis Stream, Amazon Kinesis Data Firehose stream or AWS Lambda for custom processing, analysis or loading to other systems.

CloudWatch logs are a managed service that can be provisioned without extra purchases from within your AWS accounts. That is easy to work with from the AWS console or the AWS CLI. That service has deep integration with AWS services. That can trigger alerts based on certain logs occurring in the logs.

AWS recommends using the unified CloudWatch agent to collect system logs. When you install a CloudWatch Logs agent on an EC2 instance, it automatically creates a log group as part of the process, and you can also create a log group directly from the AWS console.

Stream Amazon CloudWatch Logs to a Centralized Account for Audit and Analysis


A key component of enterprise multi-account environments is logging. Centralized logging is often required in large enterprise environments for several reasons, ranging from compliance and security to analytics and application-specific needs. While some customers use the built-in ability to push Amazon CloudWatch Logs directly into Amazon Elasticsearch Service for analysis, others would prefer to move all logs into a centralized Amazon S3 bucket location for access by several custom and third-party tools.

CloudWatch Anomaly Detection


After enabling Anomaly detection for a metric, CloudWatch applies statistical and machine learning algorithms and that continuously analyze metrics of systems or applications and determine normal baselines, and surface inconsistency with minimal user involvement.

CloudWatch logs are a managed service that can be provisioned without extra purchases from within your AWS accounts. That is easy to work with from the AWS console or the AWS CLI. That service has deep integration with AWS services. That can trigger alerts based on certain logs occurring in the logs.

CloudWatch Anomaly Detection capabilities:

  • Learn and model the expected behavior of a metric based on prior data.
  • Calculate expected values and generates the Anomaly Detection band. This is based on a lower and an upper band metric generated by the model. Metric values that fall outside the predicted confidence band are considered anomalies.
  • Enable you to create alarms based on the Anomaly Detection band and remediate detected anomalies.
  • AWS API & CloudFormation support.

Anik Guha is a Consultant in Citrus Consulting Services and is based out of the Global Delivery Center Bangalore. He has 4 years’ of experience and is experienced in AWS , Windows, Infrastructure implementation, IT security . He has executed multiple projects in domains of AWS Cloud infrastructure, Architecture and Consultation.

Post a Comment

two × 1 =