CloudWatch Logs
💡 Definition
Amazon CloudWatch Logs enables you to centralize the logs from all of your systems, applications, and AWS services that you use, in a single, highly scalable service.
🔑 Key Concepts
- Log Streams: A sequence of log events from a specific source (e.g., one EC2 instance).
- Log Groups: A group of log streams that share the same retention, monitoring, and access control settings (e.g., "MyAppWebServers").
- Retention: You can set how long logs are kept (from 1 day to forever).
- Metric Filters: You can scan logs for patterns (e.g., the word "Error") and turn them into CloudWatch Metrics.
⚙️ How it Works
You install the CloudWatch Agent on your EC2 instances to send system logs (like /var/log/syslog). Lambda and ECS send logs automatically. You can then search, view, and analyze these logs in the console.
🎯 Use Cases
- Centralized Logging: Keeping logs in one place instead of scattered across servers.
- Real-time Monitoring: detecting errors as they happen in log files.
- Archiving: Storing logs securely for compliance.
💰 Pricing Model
- Ingestion: Charged per GB of data uploaded.
- Storage: Charged per GB archived.
- Analysis: Charged per GB of data scanned (CloudWatch Logs Insights).
📝 Exam Tips (CLF-C02)
- Central repository for application and system logs.
- Can create metrics from log data (e.g., count "404" errors).
- CloudWatch Logs Insights allows interactive querying of log data.
See Also: * CloudWatch * CloudTrail (logs API calls, CloudWatch Logs logs application data)