Tutorial / Cram Notes

CloudWatch can be used to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS resources. For DevOps Engineers preparing for the AWS Certified DevOps Engineer – Professional (DOP-C02) exam, understanding how to create custom metrics, metric filters, alarms, and notifications in CloudWatch is essential.

Creating CloudWatch Custom Metrics

Custom metrics in CloudWatch allow you to monitor data points that AWS does not automatically track. With custom metrics, you can push your own log data to CloudWatch for monitoring.

Here is a step-by-step process to create a custom metric:

  1. Collect data: The first step is to gather the data that you want to monitor. This could be system metrics, application performance, or any other data relevant to your needs.
  2. Publish to CloudWatch: Once you have your data, you can use the PutMetricData API to send your custom metrics to CloudWatch. You can also employ AWS SDKs or the AWS CLI for this purpose.

For example, sending a custom metric using the AWS CLI looks like this:

aws cloudwatch put-metric-data –metric-name PageViewCount –namespace “MyApplication” –value 100 –dimensions InstanceId=i-1234567890abcdef0,InstanceType=m1.small

  1. View the metric: After publishing, you can go to the CloudWatch console to see your new custom metric. It will appear under the custom namespace you specified.

Creating CloudWatch Metric Filters

Metric filters allow you to turn log data into numerical metrics that you can graph in CloudWatch. Here’s how you can create a metric filter:

  1. Log into CloudWatch Console: Navigate to the CloudWatch dashboard and open the ‘Logs’ section.
  2. Choose Log Group: Identify the log group that you want to filter.
  3. Create Filter: Select “Create Metric Filter” and define the filter pattern you want to match.
  4. Set Metric Details: Assign a name, namespace, and value for each occurrence of the pattern.

For instance, if you want to monitor the number of 404 errors in your application logs, your metric filter pattern could be:

[host, ident, authuser, date, request, status_code=404, bytes]

Setting Alarms in CloudWatch

Alarms in CloudWatch can be used to perform actions based on the metric value. To set up a CloudWatch alarm:

  1. Open the CloudWatch Console: Go to the ‘Alarms’ section and click “Create Alarm”.
  2. Select Metric: Choose the metric you want to set an alarm on.
  3. Define the Threshold: Specify the criteria for the alarm (e.g., >= 500 errors during a 5-minute period).
  4. Set Actions: Choose the action to take when the alarm state is reached such as sending a notification.

An alarm for high CPU utilization might look like this:

{
“AlarmName”: “High CPU Utilization Alarm”,
“MetricName”: “CPUUtilization”,
“Namespace”: “AWS/EC2”,
“Statistic”: “Average”,
“Period”: 300,
“EvaluationPeriods”: 2,
“Threshold”: 90,
“ComparisonOperator”: “GreaterThanThreshold”,
“ActionsEnabled”: true,
“AlarmActions”: [ “arn:aws:sns:us-east-1:123456789012:my-topic” ],
“AlarmDescription”: “Alarm when server CPU exceeds 90%”
}

Notifications with Amazon SNS and Lambda

To notify or respond to CloudWatch alarms, you can use services like Amazon SNS or AWS Lambda. An SNS topic can be used to send email or SMS messages, and Lambda can be used to execute custom functions in response to alarms.

For example, to create an SNS topic and subscribe to an email endpoint:

aws sns create-topic –name my-notification-topic
aws sns subscribe –topic-arn arn:aws:sns:us-east-1:123456789012:my-notification-topic –protocol email –notification-endpoint my-email@example.com

You can then associate this SNS topic with a CloudWatch alarm.

For invoking a Lambda function in response to an alarm:

  1. Create a Lambda Function: Write and deploy a Lambda function that defines the actions to be taken.
  2. Set Lambda Permissions: Ensure Lambda has the necessary permissions to be invoked by CloudWatch.
  3. Modify the Alarm: Update the CloudWatch alarm to add the Lambda function ARN to the AlarmActions section.

aws cloudwatch put-metric-alarm –alarm-name “InvokeLambdaFunction” –metric-name “ErrorCount” –namespace “MyApplication” …

Combining custom metrics, metric filters, alarms, and notifications—and potentially AWS Lambda functions for complex automation—can provide a sophisticated and responsive monitoring solution. This knowledge not only aids in managing AWS cloud applications but also is invaluable for those pursuing the AWS Certified DevOps Engineer – Professional certification.

Practice Test with Explanation

True or False: CloudWatch can only monitor AWS services and cannot be used to monitor custom application metrics.

  • (A) True
  • (B) False

Answer: B

Explanation: CloudWatch can be used to monitor both AWS services and custom application metrics by sending custom metrics to CloudWatch.

Which AWS service can be used to create a notification system for CloudWatch Alarms?

  • (A) AWS Lambda
  • (B) Amazon Simple Notification Service (SNS)
  • (C) Amazon Kinesis
  • (D) Amazon Simple Email Service (SES)

Answer: B

Explanation: Amazon Simple Notification Service (SNS) can be used with CloudWatch Alarms to send notifications when specific thresholds are breached.

What is the purpose of a CloudWatch Metric Filter?

  • (A) To change the retention period of metrics
  • (B) To filter out data from logs and transform it into metrics
  • (C) To provide real-time processing of streaming data
  • (D) To adjust the sampling rate of default metrics

Answer: B

Explanation: CloudWatch Metric Filters are used to filter log data and create custom metrics from the filtered log data.

True or False: CloudWatch Logs can be directly analyzed by AWS Lambda functions without any other interfacing service.

  • (A) True
  • (B) False

Answer: B

Explanation: While AWS Lambda can process data from logs, it typically does so using a service like Amazon Kinesis or after the log data has been exported or streamed to another service.

What does a CloudWatch Alarm do when it transitions into an ALARM state?

  • (A) Stop the EC2 instance
  • (B) Automatically resolve the issue
  • (C) Perform actions defined for the ALARM state
  • (D) Disable CloudWatch metrics

Answer: C

Explanation: When a CloudWatch Alarm transitions into an ALARM state, it performs any actions that are defined, such as sending notifications, triggering auto-scaling actions, or invoking AWS Lambda functions.

True or False: Custom CloudWatch metrics require detailed monitoring to be enabled.

  • (A) True
  • (B) False

Answer: B

Explanation: Custom CloudWatch metrics can be reported independently of the standard 5-minute interval for basic monitoring or the 1-minute interval for detailed monitoring.

Which service can be used to trigger an AWS Lambda function in response to CloudWatch Alarms?

  • (A) Amazon SNS
  • (B) Amazon SES
  • (C) Amazon EC2 Auto Scaling
  • (D) AWS CodeDeploy

Answer: A

Explanation: Amazon SNS can be used to send messages to an AWS Lambda function when a CloudWatch Alarm is triggered.

When creating a CloudWatch Alarm, which statistic can you specify to determine when the alarm state should change?

  • (A) Average
  • (B) Sum
  • (C) Maximum
  • (D) All of the above

Answer: D

Explanation: When creating an alarm, you can specify various statistics such as the average, sum, maximum, minimum, and others to aggregate data over a specified period and determine when an alarm state should change.

True or False: Metric Filters in CloudWatch Logs support regular expressions for pattern matching.

  • (A) True
  • (B) False

Answer: A

Explanation: Metric Filters in CloudWatch Logs can use regular expressions to match terms, phrases, or values in log messages when transforming log data into metrics.

CloudWatch Alarms can be configured to notify an operations team when there is a problem. Which AWS service can CloudWatch Alarms NOT directly notify?

  • (A) Amazon SNS
  • (B) Amazon SQS
  • (C) Amazon ECS
  • (D) AWS Chatbot

Answer: C

Explanation: CloudWatch Alarms can directly notify Amazon SNS, which can then send messages to many different endpoints, including Amazon SQS and AWS Chatbot. Alarms can’t directly notify Amazon ECS; ECS can respond to alarms only indirectly through service scaling policies or task placement strategies.

True or False: CloudWatch custom metrics support dimensions to help categorize and filter metrics.

  • (A) True
  • (B) False

Answer: A

Explanation: CloudWatch custom metrics support dimensions, which are name/value pairs that help to categorize and filter metrics. Dimensions can be used to differentiate metrics by characteristics such as instance ID, environment, application name, etc.

Which of the following is not a built-in retention period option for CloudWatch Logs?

  • (A) 1 week
  • (B) 3 months
  • (C) 1 year
  • (D) Indefinitely

Answer: D

Explanation: CloudWatch Logs allows you to specify built-in retention periods ranging from one day to up to 10 years. Indefinitely is not an option for retention within CloudWatch Logs; logs must have a defined retention period or be manually deleted.

Interview Questions

Can you describe what a CloudWatch custom metric is and why you might need to create one?

A CloudWatch custom metric is a user-defined metric that enables you to monitor data points or events that AWS CloudWatch does not automatically track. You might need to create one to monitor application-specific events, system performance, or any other business-related KPIs that are not covered by the default AWS metrics.

How would you go about publishing a custom metric to CloudWatch?

To publish a custom metric to CloudWatch, you use the put-metric-data API action either through the AWS CLI, an AWS SDK, or the CloudWatch API. You need to specify a namespace, a metric name, and at least one data point (with a value and a timestamp).

What are metric filters in CloudWatch, and how do you use them?

Metric filters in CloudWatch are used to turn log data into numerical CloudWatch metrics that you can graph or set alarms on. You set up metric filters by providing search patterns within log data, and each time the pattern is found, it can increment a metric that you define.

Could you explain the process of setting up an alarm based on a custom metric in CloudWatch?

To set up an alarm based on a custom metric in CloudWatch, you navigate to the CloudWatch dashboard, select ‘Alarms’, click on ‘Create Alarm’, choose the custom metric, and define the conditions that will trigger the alarm. You can then configure actions, such as sending notifications through Amazon SNS or initiating an Auto Scaling policy.

How can CloudWatch alarms integrate with AWS Lambda, and provide an example of when this might be appropriate?

CloudWatch alarms can trigger a Lambda function when a certain threshold is breached. For example, if you have a custom metric that counts error messages in logs, you can set up an alarm to invoke a Lambda function to automatically investigate or apply a fix when the error count exceeds a certain number.

In the context of CloudWatch and SNS, what is the significance of topics and subscriptions?

In the context of CloudWatch and SNS (Simple Notification Service), a “topic” acts as a communication channel, while “subscriptions” are endpoints like emails, SMS, HTTP/S endpoints, or Lambda functions that receive messages published to the topic. When an alarm state changes, it can publish a message to an SNS topic, which will then notify all subscribed endpoints.

What are some considerations for ensuring the high-resolution granularity of custom CloudWatch metrics?

For high-resolution granularity of custom CloudWatch metrics, you should consider publishing metrics with a period of less than 60 seconds, known as high-resolution metrics. This allows for more precise and rapid scaling policies and more detailed monitoring. Note that high-resolution metrics may incur additional costs.

What are the best practices for creating meaningful alarm names and descriptions in CloudWatch?

Best practices for creating meaningful alarm names and descriptions in CloudWatch include using descriptive and consistent naming conventions that reflect the metric, condition, and the resource being monitored. Descriptions should clearly state the significance of the alarm and what action is expected when it is triggered.

How would you troubleshoot a situation where CloudWatch custom metrics are not showing up in the dashboard?

To troubleshoot this issue, you would verify that the correct IAM permissions are in place, ensure the metric data is within the retention period, check for correct namespace and dimension names, confirm that the data points are within the supported range, and inspect any relevant logs for errors during the data publish action.

What is the difference between period and evaluation period on a CloudWatch alarm?

The period is the length of time associated with a specific metric data point that CloudWatch is analyzing. Evaluation period is the number of recent data points CloudWatch uses to evaluate the alarm condition. For example, an alarm set to a 1-minute period with an evaluation period of 3 will analyze three consecutive one-minute data points to decide the alarm state.

How can you configure a CloudWatch alarm to recover an EC2 instance when it becomes impaired?

You can configure a CloudWatch alarm to automatically recover an EC2 instance by selecting the “EC2 Action – Recover this instance” option when setting up the alarm action. This works only for certain types of instance impairments and not for underlying hardware failures.

Can you explain how CloudWatch Logs Insights can be used in conjunction with metric filters and alarms?

CloudWatch Logs Insights allows you to run queries against log data. You can use this feature to troubleshoot metric filter patterns by running queries that use the same patterns. Once you’ve verified the correct patterns, you can create metric filters based on the results. These filters can then be used to trigger alarms by incrementing metrics whenever logs match the defined patterns.

0 0 votes
Article Rating
Subscribe
Notify of
guest
25 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Aida Deschamps
6 months ago

Thanks for the detailed guide on CloudWatch custom metrics! It was really helpful for my exam prep.

Liliya Andreyko
6 months ago

Great post! Can someone explain how to set up a CloudWatch Alarm for a custom metric?

Vilma Lepisto
7 months ago

I had trouble understanding how Metric Filters work. Can someone give a real-world example?

Jadranka Popović
6 months ago

How do you link CloudWatch Alarms to SNS for notification?

Janne Sætren
6 months ago

This was really enlightening. I appreciate the detailed explanations.

عسل موسوی
7 months ago

How effective is integrating CloudWatch with AWS Lambda for alert responses?

Luna Lecomte
5 months ago

Perfect guide! Helped me create custom metrics without any issues.

Emilia Gallardo
7 months ago

Is it cheaper to use CloudWatch custom metrics or standard metrics?

25
0
Would love your thoughts, please comment.x
()
x