AWS CloudWatch Vs CloudTrail
Feb 22, 2021
This is part of a blog series giving a high-level overview of the different services examined on the AWS Solutions Architect Associate exam. To view the whole series, click here.
CloudWatch Summary
- CloudWatch is a monitoring & observability service for AWS resources/applications.
- Can monitor performance and resource utilisation
- Can detect anomalous behaviour
- Allows you to create CloudWatch alarms, dashboards, events and logs
CloudWatch with EC2
- Can monitor EC2 at host level
- Monitors every 5 minutes by default (can switch to every 1 minute by enabling detailed logs)
- Monitors: CPU, Network, Disk, Status Check
CloudTrail Summary
- CloudTrail is used for security analysis.
- It is like CCTV for your AWS account — can retain account activity related to actions across your infrastructure.
- Is for governance, compliance & operational auditing.
- Records actions in the AWS Management Console, SDKs and command line tools.
- Can detect user behaviour patterns and also unusual activity.
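To make the last two points concrete, here is an added example (not code from the original post) that reads records in CloudTrail's log-file layout, works out whether each action came from the console, the CLI or an SDK, and flags a few kinds of unusual activity. The sample records are constructed, the `userAgent` matching is a heuristic, and the three checks are illustrative choices rather than a complete rule set.

```python
import json
from collections import Counter

# Constructed sample in CloudTrail's log-file layout; not real account data.
def _rec(time, source, name, user, agent, **extra):
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "userAgent": agent, "sourceIPAddress": "198.51.100.7",
            "userIdentity": {"type": "IAMUser", "userName": user}, **extra}

SAMPLE_LOG = json.dumps({"Records": [
    _rec("2021-02-22T09:00:01Z", "signin.amazonaws.com", "ConsoleLogin", "alice",
         "Mozilla/5.0", additionalEventData={"MFAUsed": "No"},
         responseElements={"ConsoleLogin": "Success"}),
    _rec("2021-02-22T09:02:10Z", "ec2.amazonaws.com", "DescribeInstances", "alice",
         "console.amazonaws.com"),
    _rec("2021-02-22T09:05:44Z", "s3.amazonaws.com", "ListBuckets", "bob",
         "aws-cli/2.1.24 Python/3.7.3"),
    _rec("2021-02-22T09:06:02Z", "iam.amazonaws.com", "CreateUser", "bob",
         "Boto3/1.17.12 Python/3.8.5", errorCode="AccessDenied"),
    _rec("2021-02-22T09:07:30Z", "cloudtrail.amazonaws.com", "StopLogging", "bob",
         "aws-cli/2.1.24 Python/3.7.3"),
]})

def channel(rec):
    """Heuristic: classify a record as console / cli / sdk / other."""
    ua = rec.get("userAgent", "").lower()
    if rec.get("eventSource") == "signin.amazonaws.com" or "console.amazonaws.com" in ua:
        return "console"
    if ua.startswith("aws-cli/"):
        return "cli"
    return "sdk" if ("boto" in ua or "aws-sdk" in ua) else "other"

def findings(rec):
    """Return the reasons (possibly none) why a record deserves a second look."""
    out = []
    ok = (rec.get("responseElements") or {}).get("ConsoleLogin") == "Success"
    mfa = (rec.get("additionalEventData") or {}).get("MFAUsed")
    if rec["eventName"] == "ConsoleLogin" and ok and mfa != "Yes":
        out.append("console login without MFA")
    if rec.get("errorCode") in ("AccessDenied", "Client.UnauthorizedOperation"):
        out.append("denied API call")
    if rec["eventSource"] == "cloudtrail.amazonaws.com" and \
            rec["eventName"] in ("StopLogging", "DeleteTrail"):
        out.append("trail tampering")
    return out

def analyse(log_text):
    records = json.loads(log_text)["Records"]
    flagged = [(r["eventTime"], r["userIdentity"].get("userName", "?"), r["eventName"], why)
               for r in records for why in findings(r)]
    return Counter(channel(r) for r in records), flagged
```

Calling `analyse(SAMPLE_LOG)` returns the per-channel counts and a list of `(time, user, event, reason)` tuples for the flagged records.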