Metering is a process of extracting information from a platform and storing it for processing. In the scope of this chapter, the information would be operational metrics of the system or platform where the application resides—for example, capturing how many units of CPU, network, and disk capacity are used. On top of the system metrics, you can also meter application-level metrics—for example, the number of active users, connection state information, and numbers of errors. Application metrics usually need to be extracted from the application logs. This implies that any good metering system also needs to be able to collect logs.
What can be done with all the metrics and logs collected by the metering process? You monitor them. Most monitoring systems can connect to a database of metered metrics and logs, which enables you to read, view, graph, and analyze them.
Any modern monitoring environment also needs to be able to react to changes in the environment. Any metrics and logs that are out of scope of the typical operating conditions should be able to trigger an alert, and in turn that alert should be able to trigger an action. The simplest actions can be notifications being sent to the users; however, most modern monitoring systems can interact with other systems via APIs and through other remote execution approaches and can be configured to perform automated remediation of issues.
Monitoring should also be used as a security and compliance tool. Metrics often can indicate a security issue; for example, a sudden spike in traffic can be an indication of a denial-of-service (DoS) attack. However, metrics alone are not enough to ensure a platform is secure and compliant. Because monitoring platforms can capture logs, you can extract security events and possible issues and send notifications through the alerting feature. Consider capturing information on login attempts, network access sources and targets, actions being performed within an application, and the application infrastructure as crucial factors where security events are captured. Capturing and analyzing these logs can help you maintain compliance and ensure your application is as secure as possible.
Any monitoring platform should also enable you to encrypt the data in transit and at rest.
AWS provides two built-in services that enable you to capture metrics and logs and to perform monitoring and alerting. In this chapter, we cover the following AWS services:
CloudWatch: This metrics and log collection service can monitor, analyze, and alert.
CloudTrail: This service tracks all requests to the AWS APIs, giving you a complete audit trail of all actions to AWS accounts.
ExamAlert
Some of the exam questions mention the EventBridge service. This service was previously called CloudWatch Events. Chapter 3, ‘Troubleshooting and Remediation,’ covers the EventBridge service in more detail.
Acedexam Training Policies
Learning resources
Other resources
Our Training Providers
