AWS CloudWatch and CloudTrail

AWS CloudWatch Exam Preparation

  • CloudWatch is a monitoring and management service.
  • CloudWatch collects all logs and metrics from all your AWS resources, as well as from on-premises resources (if configured).
  • Can create visualizations/dashboards based on the logs.
  • Allows you to configure alarms that take action.
  • Metrics available by default:
    • CPU related – usage
    • Disk related – read/write ops
    • Network related – in/out, packets
    • Status related – testing at instance level / host level
  • CloudWatch metric data is kept for 2 weeks.
  • Use the Amazon CloudWatch Logs Agent installer on existing Amazon EC2 instances to install and configure the CloudWatch Logs Agent.


  • AWS CloudTrail is a service that records AWS calls for your AWS account and delivers log files to an Amazon S3 bucket.
  • CloudTrail logs are encrypted by default in S3.
  • CloudTrail can be enabled for all regions from one place.

Exam Tips:

  • If the question is on monitoring, mostly we should use CloudWatch; if it is on auditing/API call logs, then it has to be CloudTrail.
  • Turning on CloudWatch custom metrics will provide additional monitoring on memory.
  • If there are any keywords like compliance, audit, security threats, API calls, regulations -> prefer CloudTrail over CloudWatch.