Chloe McAree (McAteer)
Published on

AWS CloudWatch Vs CloudTrail


This is part of a blog series giving a high level overview of the different services examined on the AWS Solution Architect Associate exam, to view the whole series click here.

CloudWatch Summary

CloudWatch logo

  • CloudWatch is a monitoring & observability service for AWS resources/applications.

  • Can monitor performance and resource utilisation

  • Can detect anomalous behaviour

  • Allows you to create CloudWatch alarms, dashboards, events and logs

CloudWatch with EC2

  • Can monitor EC2 at host level

  • Monitors every 5 mins by default (Can switch to every 1min by enabling detailed logs)

  • Monitors: CPU, Network, Disk, Status Check

CloudTrail Summary

CloudTrail logo

  • CloudTrail is used for security analysis .

  • It is like CCTV for your AWS account — can retain account activity related to actions across your infrastructure.

  • Is for governance, compliance & operational auditing.

  • Records actions in the AWS Management Console, SDKs and command line tools.

  • Can detect user behaviour patterns and also unusual activity.