How to Monitor EC2 Instances with AWS CloudWatch
To monitor an EC2 instance with CloudWatch, enable detailed monitoring on the instance and use CloudWatch Metrics to track CPU, disk, and network usage. You can create CloudWatch Alarms to get notifications when metrics cross thresholds and use CloudWatch Logs to collect system and application logs.
Syntax
Monitoring EC2 with CloudWatch involves these key parts:
- Enable Monitoring: Turn on detailed monitoring on your EC2 instance.
- CloudWatch Metrics: Metrics like CPUUtilization, DiskReadOps, and NetworkIn track instance health.
- CloudWatch Alarms: Set alarms to notify you when metrics exceed limits.
- CloudWatch Logs: Collect logs from your instance for deeper insights.
```bash
# Turn on detailed (1-minute) monitoring for the instance
aws ec2 monitor-instances --instance-ids i-1234567890abcdef0

# Alarm when average CPU stays above 80% for two consecutive 5-minute periods
aws cloudwatch put-metric-alarm \
  --alarm-name HighCPUUtilization \
  --metric-name CPUUtilization \
  --namespace AWS/EC2 \
  --statistic Average \
  --period 300 \
  --threshold 80 \
  --comparison-operator GreaterThanThreshold \
  --dimensions Name=InstanceId,Value=i-1234567890abcdef0 \
  --evaluation-periods 2 \
  --alarm-actions arn:aws:sns:region:account-id:my-sns-topic
```
Example
This example shows how to enable detailed monitoring on an EC2 instance, create a CloudWatch alarm for high CPU usage, and configure a notification.
```bash
# Enable detailed monitoring on the instance
aws ec2 monitor-instances --instance-ids i-0abcdef1234567890

# Alarm when average CPU exceeds 75% over one 5-minute period; notify the SNS topic
aws cloudwatch put-metric-alarm \
  --alarm-name HighCPUAlarm \
  --metric-name CPUUtilization \
  --namespace AWS/EC2 \
  --statistic Average \
  --period 300 \
  --threshold 75 \
  --comparison-operator GreaterThanThreshold \
  --dimensions Name=InstanceId,Value=i-0abcdef1234567890 \
  --evaluation-periods 1 \
  --alarm-actions arn:aws:sns:us-east-1:123456789012:NotifyMe
```
Output
Monitoring started for instance i-0abcdef1234567890
Alarm HighCPUAlarm created successfully
Common Pitfalls
Common mistakes when monitoring EC2 with CloudWatch include:
- Not enabling detailed monitoring, which limits metric granularity to 5 minutes instead of 1 minute.
- Forgetting to attach the correct IAM role or permissions for CloudWatch Logs to collect instance logs.
- Setting alarm thresholds too low or too high, causing false alerts or missed issues.
- Not subscribing to alarm notifications, so alerts are never received.
```bash
## Wrong: Creating alarm without enabling detailed monitoring
aws cloudwatch put-metric-alarm \
  --alarm-name CPUAlarm \
  --metric-name CPUUtilization \
  --namespace AWS/EC2 \
  --statistic Average \
  --period 60 \
  --threshold 70 \
  --comparison-operator GreaterThanThreshold \
  --dimensions Name=InstanceId,Value=i-0abcdef1234567890 \
  --evaluation-periods 1

## Right: Enable detailed monitoring first
aws ec2 monitor-instances --instance-ids i-0abcdef1234567890

aws cloudwatch put-metric-alarm \
  --alarm-name CPUAlarm \
  --metric-name CPUUtilization \
  --namespace AWS/EC2 \
  --statistic Average \
  --period 60 \
  --threshold 70 \
  --comparison-operator GreaterThanThreshold \
  --dimensions Name=InstanceId,Value=i-0abcdef1234567890 \
  --evaluation-periods 1
```
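Two of the pitfalls above can be checked after the fact. The following Python script is an added example, not code from the original page: it audits JSON shaped like the output of `aws ec2 describe-instances` and `aws cloudwatch describe-alarms` for alarms that have no notification action or that use a period below 300 seconds on an instance without detailed monitoring. The sample data, function names, and finding labels are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws ec2 describe-instances` output.
INSTANCES = json.loads("""
{"Reservations": [{"Instances": [
  {"InstanceId": "i-0abcdef1234567890", "Monitoring": {"State": "disabled"}},
  {"InstanceId": "i-1234567890abcdef0", "Monitoring": {"State": "enabled"}}
]}]}
""")

# Constructed sample shaped like `aws cloudwatch describe-alarms` output.
ALARMS = json.loads("""
{"MetricAlarms": [
  {"AlarmName": "CPUAlarm", "Namespace": "AWS/EC2", "Period": 60,
   "Dimensions": [{"Name": "InstanceId", "Value": "i-0abcdef1234567890"}],
   "ActionsEnabled": true, "AlarmActions": []},
  {"AlarmName": "HighCPUUtilization", "Namespace": "AWS/EC2", "Period": 300,
   "Dimensions": [{"Name": "InstanceId", "Value": "i-1234567890abcdef0"}],
   "ActionsEnabled": true,
   "AlarmActions": ["arn:aws:sns:us-east-1:123456789012:NotifyMe"]}
]}
""")

def monitoring_states(instances_doc):
    """Map each instance ID to its monitoring state (enabled, disabled, ...)."""
    return {i["InstanceId"]: i.get("Monitoring", {}).get("State", "disabled")
            for r in instances_doc.get("Reservations", [])
            for i in r.get("Instances", [])}

def audit_alarms(alarms_doc, instances_doc):
    """Return sorted (alarm name, finding) pairs; unknown instances count as not detailed."""
    states = monitoring_states(instances_doc)
    findings = []
    for alarm in alarms_doc.get("MetricAlarms", []):
        if alarm.get("Namespace") != "AWS/EC2":
            continue
        name = alarm["AlarmName"]
        if not alarm.get("ActionsEnabled", True) or not alarm.get("AlarmActions"):
            findings.append((name, "no-notification-action"))
        for dim in alarm.get("Dimensions", []):
            detailed = states.get(dim["Value"]) == "enabled"
            if dim["Name"] == "InstanceId" and alarm.get("Period", 300) < 300 and not detailed:
                findings.append((name, "period-below-300s-without-detailed-monitoring"))
    return sorted(findings)

if __name__ == "__main__":
    for alarm_name, finding in audit_alarms(ALARMS, INSTANCES):
        print(f"{alarm_name}: {finding}")
```

To audit a real account, replace the two constructed documents with the saved JSON output of the corresponding AWS CLI commands.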
Quick Reference
Summary tips for monitoring EC2 with CloudWatch:
- Enable detailed monitoring for 1-minute metrics.
- Use CloudWatch Alarms to get notified on important metric changes.
- Configure CloudWatch Logs with proper IAM roles to collect instance logs.
- Test alarms and notifications to ensure they work.
- Regularly review metrics and logs to maintain instance health.
Key Takeaways
- Enable detailed monitoring on EC2 instances for more frequent metrics.
- Create CloudWatch Alarms to get alerts on critical metrics like CPU usage.
- Use CloudWatch Logs with correct permissions to collect and analyze instance logs.
- Set appropriate alarm thresholds to avoid false positives or missed alerts.
- Test your monitoring setup regularly to ensure notifications work.