Skip to main content
In this guide, you’ll learn how to monitor Amazon EC2 instances using AWS CloudWatch. Think of CloudWatch as the centralized control room in a sophisticated building-wide security system—it ingests data from cameras, sensors, and alarms, then provides real‐time insights into resource utilization, application performance, and operational health across your AWS environment.
The image illustrates AWS CloudWatch, showing a surveillance camera icon, AWS Cloud components, and features like Metrics and Alarms.

Table of Contents

  1. Metrics and Alarms
  2. CloudWatch Dashboards
  3. Data Retention & Detailed Monitoring
  4. CloudWatch Agent
  5. CloudWatch Logs
  6. Additional Resources

Metrics and Alarms

CloudWatch metrics are time-ordered data points representing system and application measurements—such as CPU utilization, disk I/O, or network traffic—collected from your EC2 instances.
  • Create alarms to watch metrics and trigger automated actions (e.g., Auto Scaling) or notifications (e.g., Amazon SNS) when predefined thresholds are crossed.
  • Use built-in metrics for EC2 or publish custom metrics for domain-specific KPIs.
The image is a diagram illustrating AWS CloudWatch monitoring an EC2 instance, showing CPU and other metrics, with a connection to another component.

Common EC2 Metrics

Metric NameDescriptionResolution (Default / Detailed)
CPUUtilizationPercentage of allocated EC2 CPU used5 minutes / 1 minute
DiskReadOpsNumber of disk read operations5 minutes / 1 minute
NetworkInIncoming network traffic (bytes)5 minutes / 1 minute
StatusCheckFailedInstance health check failures5 minutes / 1 minute
Enabling detailed monitoring incurs additional charges. Review the CloudWatch pricing page before turning on one‐minute metrics.

CloudWatch Dashboards

Dashboards let you unify metrics, alarms, and logs into a single customizable view. You can:
  • Combine widgets (graphs, text, alarms) from multiple AWS accounts and regions.
  • Share readonly dashboards with stakeholders for real‐time collaboration.
  • Embed dashboards in internal portals or runbooks for incident response.
The image shows a CloudWatch Dashboard with icons representing data and graphs connected across a world map. It illustrates a global network of monitoring points.
Use descriptive widget titles and color‐coded alarms to make critical metrics stand out on your dashboard.

Data Retention & Detailed Monitoring

CloudWatch automatically retains metrics at different granularities:
Time PeriodMetric ResolutionUse Case
0–3 hours1 minuteNear real-time troubleshooting
3–15 days5 minutesShort-term trend analysis
15 days–63 days1 hourMid-term capacity planning
63 days–15 months1 dayLong-term historical reporting
Detailed monitoring (1-minute resolution) is available for EC2 instances and certain services at extra cost. Custom metrics follow the same retention model once published.

CloudWatch Agent

The CloudWatch Agent is lightweight software you install on EC2 instances (or on-premises servers) to collect system metrics, application logs, and custom data:
  • Real-time, high-resolution metrics (CPU, memory, disk, network).
  • Centralized log collection for Linux and Windows (supports JSON, syslog, IIS, and more).
  • Custom metric publishing via configuration files or the GetMetricData API.
The image illustrates the CloudWatch Agent with icons representing its features: real-time monitoring, centralized logging, and custom metrics.
Configure the agent with the unified CloudWatch Agent configuration file (amazon-cloudwatch-agent.json) and deploy it using AWS Systems Manager for scale.

CloudWatch Logs

AWS CloudWatch Logs centralizes, monitors, and stores log data from EC2 instances, CloudTrail, VPC Flow Logs, and on-premises servers:
  • Log events: Individual records with timestamps (e.g., application errors).
  • Log streams: Ordered sequences of events from a single source.
  • Log groups: Containers for related streams with shared retention, access controls, and metric filters.
The image illustrates the CloudWatch Logs concept, showing a diagram with log groups, log streams, and events, represented by chip icons and labeled sections.
Use metric filters to extract numeric data from logs and trigger CloudWatch alarms. Archive older logs to Amazon S3 for cost-effective, long-term storage.

Additional Resources

Watch Video

Practice Lab