Amazon CloudWatch is a monitoring service for AWS cloud resources and
the applications that run on AWS. It can be used to collect and track metrics,
collect log files, and set alarms. Amazon CloudWatch can monitor AWS resources
such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB
instances, as well as custom metrics generated by applications and services,
and any log files generated by the applications. CloudWatch can be used to gain
system-wide visibility into resource utilization, application performance, and
operational health. You can use these insights to react and keep your
application running smoothly. Fourth in the series of SSM blogs, this blog covers
the task ‘aws:psModule’. You can find part three here.
Schema for aws:cloudWatch
"aws:cloudWatch":
{
"properties": {
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id":
"ApplicationEventLog",
"FullName":
"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Application",
"Levels": "value"
}
},
{
"Id":
"CloudWatch",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "access-key-id",
"SecretKey": "secret-access-key",
"Region": "region",
"NameSpace": "namespace"
}
},
{
"Id":
"CloudWatchLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "access-key-id",
"SecretKey": "secret-access-key",
"Region": "region",
"LogGroup": "group",
"LogStream": "stream"
}
},
{
"Id":
"CustomLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath":
"path",
"TimestampFormat": "value",
"Encoding": "value",
"Filter": "",
"CultureName": "locale",
"TimeZoneKind": "value",
"LineCount": "value"
}
},
{
"Id": "ETW",
"FullName":
"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName":
"Microsoft-Windows-WinINet/Analytic",
"Levels": "value"
}
},
{
"Id": "IISLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath":
"path",
"TimestampFormat": "value",
"Encoding": "value",
"Filter": "",
"CultureName": "locale",
"TimeZoneKind": "value",
"LineCount": "value"
}
},
{
"Id":
"PerformanceCounter",
"FullName":
"AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "name",
"CounterName": "name",
"InstanceName": "name",
"MetricName": "name",
"Unit": "unit",
"DimensionName": "name",
"DimensionValue": "value"
}
},
{
"Id":
"SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName":
"Security",
"Levels": "value"
}
},
{
"Id":
"SystemEventLog",
"FullName":
"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName":
"System",
"Levels": "value"
}
}
],
"Flows": {
"Flows": [
"source,destination",
"(source1, source2),destination",
"source, (destination1,destination2)"
]
}
}
}
}
CloudWatch Custom Metrics Sample
By default, CloudWatch
captures free metrics at the host level. To capture the metrics from within the
guest, the agent running inside the guest should be configured. A sample to
collect the memory usage metric is provided.
function CMApplyMetrics
($instance)
{
$doc = @"
{
"schemaVersion": "1.0",
"description": "Instance
configuration",
"runtimeConfig": {
"aws:cloudWatch": {
"description":
"CloudWatch Metrics Demo",
"properties": {
"EngineConfiguration": {
"PollInterval":
"00:00:15",
"Components": [
{
"Id":
"PerformanceCounter",
"FullName":
"AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName":
"Memory",
"CounterName":
"Available MBytes",
"InstanceName":
"",
"MetricName":
"Memory",
"Unit":
"Megabytes",
"DimensionName":
"",
"DimensionValue":
""
}
},
{
"Id": "CloudWatch",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "us-east-1",
"NameSpace": "SSMDemo"
}
}
],
"Flows": {
"Flows":["PerformanceCounter,CloudWatch"]
}
}
}
}
}
}
"@
Write-Verbose
"CMApply instanceid=$($instance.InstanceId)"
SSMAssociate
$instance $doc
$cred
}
Sample doc, produced by
above function.
PS C:\temp\ssm> $doc
{
"schemaVersion": "1.0",
"description": "Instance configuration",
"runtimeConfig": {
"aws:cloudWatch": {
"description": "CloudWatch Metrics Demo",
"properties": {
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "PerformanceCounter",
"FullName":
"AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName":
"",
"DimensionValue": ""
}
},
{
"Id": "CloudWatch",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "us-east-1",
"NameSpace": "SSMDemo"
}
}
],
"Flows": {
"Flows": [
"PerformanceCounter,CloudWatch"
]
}
}
}
}
}
}
CloudWatch Logs Sample
In addition to custom
metrics, CloudWatch can also collect the logs. This includes event logs, IIS
logs and custom logs. The sample below collects the event logs from
EC2CofigService into the “SSM-Log-Group” log group. Each instance log is stored
in a separate stream. The function CMApplyLogs is straight forward to follow.
function CMApplyLogs ($instance)
{
$doc = @"
{
"schemaVersion": "1.0",
"description": "Instance
configuration",
"runtimeConfig": {
"aws:cloudWatch": {
"description":
"CloudWatch Logs Demo",
"properties": {
"EngineConfiguration": {
"PollInterval":
"00:00:15",
"Components": [
{
"Id": "SSMLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName":
"EC2ConfigService",
"Levels": "7"
}
},
{
"Id": "CloudWatchLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region":
"us-east-1",
"LogGroup":
"SSM-Log-Group",
"LogStream":
"{instance_id}"
}
}
],
"Flows": {
"Flows": ["SSMLogs,CloudWatchLogs"]
}
}
}
}
}
}
"@
Write-Verbose
"CMApply instanceid=$($instance.InstanceId)"
SSMAssociate
$instance $doc -Credential $cred
}
Sample doc, produced by the
above function.
PS C:\temp\ssm> $doc
{
"schemaVersion": "1.0",
"description": "Instance configuration",
"runtimeConfig": {
"aws:cloudWatch": {
"description": "CloudWatch Logs Demo",
"properties": {
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "SSMLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName":
"EC2ConfigService",
"Levels": "7"
}
},
{
"Id": "CloudWatchLogs",
"FullName":
"AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "us-east-1",
"LogGroup": "SSM-Log-Group",
"LogStream": "{instance_id}"
}
}
],
"Flows": {
"Flows": [
"SSMLogs,CloudWatchLogs"
]
}
}
}
}
}
}
Explore & Enjoy!
/Siva
No comments:
Post a Comment