CloudWatch Agent

Enhanced System-Level Monitoring

What is CloudWatch Agent?

The CloudWatch agent is a software package that enables you to collect more system-level metrics from EC2 instances and on-premises servers. It provides enhanced monitoring capabilities beyond the default CloudWatch metrics.

Key Capabilities
  • Collect system-level metrics (memory, disk, processes)
  • Collect custom metrics from applications
  • Collect logs from instances and on-premises servers
  • Support for both Linux and Windows

Installation Methods

Command Line

Download the agent package from the S3 bucket using wget or curl, then install it

Systems Manager

Use the AWS-ConfigureAWSPackage document to install the agent on multiple instances

CloudFormation

Include agent installation in infrastructure as code templates

System Metrics Collected

Memory Metrics
  • mem_used_percent - Memory utilization
  • mem_available - Available memory
  • mem_used - Used memory
  • swap_used_percent - Swap utilization

Disk Metrics
  • disk_used_percent - Disk space utilization
  • disk_free - Free disk space
  • disk_inodes_free - Available inodes

Process Metrics
  • procstat_cpu_usage - Process CPU usage
  • procstat_memory_rss - Process memory
  • procstat_num_threads - Thread count

Configuration

The agent uses a JSON configuration file that defines what metrics and logs to collect.

Configuration Sections
  • agent: General agent settings
  • metrics: Metrics collection configuration
  • logs: Log collection configuration
  • traces: X-Ray trace collection (optional)

Configuration Storage

Store configuration in Systems Manager Parameter Store for centralized management and easy deployment across multiple instances.

Log Collection

Supported Log Types
  • Application logs
  • System logs (/var/log/messages, /var/log/syslog)
  • Custom application logs
  • Windows Event Logs
  • IIS logs

Log Configuration

Specify log file paths, log group names, log stream names, and timestamp formats in the configuration file.

IAM Permissions

Required Permissions
  • cloudwatch:PutMetricData - Send metrics
  • logs:CreateLogGroup - Create log groups
  • logs:CreateLogStream - Create log streams
  • logs:PutLogEvents - Send log events
  • ssm:GetParameter - Retrieve configuration from Parameter Store

Managed Policy

Use the CloudWatchAgentServerPolicy managed policy for EC2 instances and on-premises servers.
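
Added example (not from the original page or from AWS): a Python sketch that reads an agent configuration like the one described under Configuration and derives an IAM policy covering only the five actions listed above, scoped to the log groups and the Parameter Store entry that configuration actually uses. The sample configuration, log group names, parameter name, region and account ID are constructed placeholders.

```python
import json

# Constructed sample agent config; log group names and paths are placeholders.
AGENT_CONFIG = {
    "agent": {"metrics_collection_interval": 60},
    "metrics": {"metrics_collected": {
        "mem": {"measurement": ["mem_used_percent"]},
        "disk": {"measurement": ["used_percent"], "resources": ["/"]},
    }},
    "logs": {"logs_collected": {"files": {"collect_list": [
        {"file_path": "/var/log/messages",
         "log_group_name": "example-system-logs",
         "log_stream_name": "{instance_id}"},
        {"file_path": "/var/log/example-app/app.log",
         "log_group_name": "example-app-logs",
         "log_stream_name": "{instance_id}"},
    ]}}},
}


def build_policy(config, region, account_id, parameter_name):
    """Return an IAM policy limited to what this agent config actually uses."""
    # The agent publishes to the CWAgent namespace unless the config overrides it.
    namespace = config.get("metrics", {}).get("namespace", "CWAgent")
    files = config.get("logs", {}).get("logs_collected", {}).get("files", {})
    groups = sorted({e["log_group_name"] for e in files.get("collect_list", [])})
    log_arns = []
    for group in groups:
        base = f"arn:aws:logs:{region}:{account_id}:log-group:{group}"
        log_arns += [base, base + ":*"]  # the group itself, then its streams
    # A leading "/" in the parameter name is not repeated in the ARN.
    param_arn = (f"arn:aws:ssm:{region}:{account_id}:parameter/"
                 + parameter_name.lstrip("/"))
    return {"Version": "2012-10-17", "Statement": [
        # PutMetricData has no resource-level ARN, so restrict it by namespace.
        {"Sid": "Metrics", "Effect": "Allow",
         "Action": "cloudwatch:PutMetricData", "Resource": "*",
         "Condition": {"StringEquals": {"cloudwatch:namespace": namespace}}},
        {"Sid": "Logs", "Effect": "Allow",
         "Action": ["logs:CreateLogGroup", "logs:CreateLogStream",
                    "logs:PutLogEvents"],
         "Resource": log_arns},
        {"Sid": "Config", "Effect": "Allow",
         "Action": "ssm:GetParameter", "Resource": param_arn},
    ]}


if __name__ == "__main__":
    print(json.dumps(build_policy(AGENT_CONFIG, "us-east-1", "123456789012",
                                  "/example/cwagent-config"), indent=2))
```

Agent features beyond those listed on this page may call additional APIs, so compare the generated policy against the agent log before replacing the managed policy with it.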

On-Premises Support

The CloudWatch agent can be installed on on-premises servers to monitor hybrid environments.

Requirements
  • IAM user credentials with appropriate permissions
  • Network connectivity to CloudWatch endpoints
  • Supported operating system (Linux or Windows)

Best Practice

Use Systems Manager for centralized management of on-premises servers with the agent.

Agent Management

Start/Stop Commands
  • Start: amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s
  • Stop: amazon-cloudwatch-agent-ctl -a stop
  • Status: amazon-cloudwatch-agent-ctl -a query

Configuration Updates

Update the configuration in Parameter Store and restart the agent to apply changes across all instances.

Troubleshooting

Check agent logs at /opt/aws/amazon-cloudwatch-agent/logs/ for debugging issues.

Best Practices

✓ Use Parameter Store

Store agent configuration in Systems Manager Parameter Store for centralized management

✓ Monitor Agent Health

Create CloudWatch alarms to monitor agent status and metric delivery

✓ Use IAM Roles

Attach IAM roles to EC2 instances instead of using access keys

✓ Optimize Collection Intervals

Balance monitoring granularity with cost by adjusting metric collection intervals

Exam Tips

Key Point

The CloudWatch agent is required to collect memory and disk metrics from EC2 instances; these are NOT available by default

Remember

The agent can be used on both EC2 instances and on-premises servers for hybrid monitoring

Important

Use Systems Manager Parameter Store to centrally manage agent configurations across multiple instances