CloudWatch Logs

Nadtakan Futhoem
2 min read · Jul 6, 2021

CloudWatch is used to collate and collect metrics on resources, monitor their performance, and respond to alerts

Allows you to collect logs from your applications and from a number of different AWS services

Provides the ability to monitor log streams in real-time and set up metric filters to search for specific events

Unified CloudWatch Agent — allows the collection of logs from EC2 instances as well as from on-premises servers

CloudWatch Agent Installation

  • Create a role with permission to collect data from the instance and to interact with SSM, and attach it to the instance
  • Download and install the agent onto the EC2 instance
  • Configure and start the CloudWatch agent

Creating Roles

You will need to create two roles:

  • One used to install the agent and to send the additional metrics gathered to CloudWatch
  • One used to communicate with the Parameter Store within SSM, to store the agent's configuration file

Configuration of the role with the additional permission for SSM:

  • Select the type of trusted identity — AWS Service
  • Choose the service that will use this role — EC2 (allows EC2 instances to call AWS services on your behalf)
  • Attach Permission Policies — CloudWatchAgentAdminPolicy & AmazonEC2RoleforSSM

The role used to install the agent and send data to CloudWatch:

  • Select the type of trusted identity — AWS Service
  • Choose the service that will use this role — EC2 (allows EC2 instances to call AWS services on your behalf)
  • Attach Permission Policies — CloudWatchAgentServerPolicy & AmazonEC2RoleforSSM
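
The two role definitions above can be checked mechanically, so that the admin policy (the one able to write the agent configuration to Parameter Store) stays on the one role that needs it. The following is an added example, not code from the original post: `audit_role`, `trusted_principals` and `EXPECTED` are hypothetical names, the inputs are a role's trust policy document and the names of its attached managed policies, and the sample roles are constructed.

```python
# Trust policy that results from choosing "AWS Service" and then "EC2".
EC2_TRUST = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow",
                   "Principal": {"Service": "ec2.amazonaws.com"},
                   "Action": "sts:AssumeRole"}],
}

# Managed policies the page attaches to each role, keyed by the role's purpose.
EXPECTED = {
    "admin": {"CloudWatchAgentAdminPolicy", "AmazonEC2RoleforSSM"},
    "server": {"CloudWatchAgentServerPolicy", "AmazonEC2RoleforSSM"},
}

def trusted_principals(trust_doc):
    """Return every (type, value) principal that an Allow statement trusts."""
    found = set()
    for stmt in trust_doc.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        if principal == "*":  # wildcard: anyone may assume the role
            found.add(("AWS", "*"))
            continue
        for kind, values in principal.items():
            for value in [values] if isinstance(values, str) else values:
                found.add((kind, value))
    return found

def audit_role(purpose, trust_doc, attached_policy_names):
    """Return findings for one role; an empty list means it matches the page."""
    findings = []
    extra = trusted_principals(trust_doc) - {("Service", "ec2.amazonaws.com")}
    for kind, value in sorted(extra):
        findings.append(f"unexpected trusted principal {kind}:{value}")
    attached = set(attached_policy_names)
    for name in sorted(attached - EXPECTED[purpose]):
        findings.append(f"unexpected policy {name}")
    for name in sorted(EXPECTED[purpose] - attached):
        findings.append(f"missing policy {name}")
    return findings

if __name__ == "__main__":
    # Constructed sample: a fleet role that was given the admin policy by mistake.
    print(audit_role("server", EC2_TRUST,
                     ["CloudWatchAgentAdminPolicy", "AmazonEC2RoleforSSM"]))
```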

Downloading the Agent

From the EC2 instance with additional permissions, you then install the agent

Prerequisites

  • Verify that your EC2 instance has access to the internet
  • You must also have the SSM agent installed
  • The SSM agent is already installed on Linux AMIs dated 2017.09 and later, on Windows Server 2016 instances, and on instances created from Windows Server 2003–2012 R2 AMIs published in November 2016 or later

Configuring the Agent

On your first instance, you need to create the CloudWatch Agent Configuration File

  • This file stores configuration parameters that specify which metrics and logs to capture on the instance
  • It can be created manually or by using a wizard
Nadtakan Futhoem — Sr. Software Engineer