AWS CloudWatch Vs CloudTrail

This is part of a blog series giving a high level overview of the different services examined on the AWS Solution Architect Associate exam, to view the whole series click here.

CloudWatch Summary

• CloudWatch is a monitoring & observability service for AWS resources/applications.

• Can monitor performance and resource utilisation

• Can detect anomalous behaviour

• Allows you to create CloudWatch alarms, dashboards, events and logs

CloudWatch with EC2

• Can monitor EC2 at host level

• Monitors every 5 mins by default (Can switch to every 1min by enabling detailed logs)

• Monitors: CPU, Network, Disk, Status Check

CloudTrail Summary

• CloudTrail is used for security analysis .

• It is like CCTV for your AWS account — can retain account activity related to actions across your infrastructure.

• Is for governance, compliance & operational auditing.

• Records actions in the AWS Management Console, SDKs and command line tools.

• Can detect user behaviour patterns and also unusual activity.