As name indicates it will maintain trail of every action taken on AWS

logging

maintaining history based on API call

it is not enabled by default

can be enabled on a per region basis

management console

CLI

SDK

other API

identity of API caller

time of API call

Source IP address of API caller

request parameters

response element returned by AWS service

security analysis

resource change tracking

compliance auditing

cloud watch log

S3 :- cloud trail can be enabled across multiple AWS a/c. which can be pointed to single S3 bucket (with cross a/c access)

AWS cloud resources

applications we run on AWS

it will take action for logs (mainly cloudTrail)

cloud trail logs can be sent to cloud watch logs for real time monitoring

tracking application performance

operational health

this will receive logs from cloud trail

filter logs based on keywords

cloud watch logs stored indefinitely

send email

send SMS

change color

alarm history stored for 14 days

can be used for getting billing alarms also.

  in real life situation we might have some specific budget each month for AWS account. when we set alarm for AWS resources and if specific threshold reached then we can receive notification

if yellow send email

  if orange send email and SMS


  if red send email, SMS and do some provisioning of server

collect logs with the help fo cloud watch log

monitor logs

track metrics

set alarm

automatically react to change in our AWS resources

EC2 instance

auto scaling

Elastic load balancer (ELB)

Route 53

cloud front

RDS instances

DynamoDB table

elasticache

Redshift

EBS volume

storage gateway

SNS

SQS

custom metrics generated by our App and services

any log file generated by our application

estimated charges on AWS bill

opswork

1 minute data point for 15 days

5 minute datapoints are available for 63 days

1 hour datapoints are available for 455 days