describe alarms
aws --profile ${PROFILE} --region ${REGION} cloudwatch describe-alarms --state-value ALARM
query cloudwatch logs insight
aws --profile ${PROFILE} --region ${REGION} logs start-query --log-group-name ${log_group_name} --start-time 1543622400 --end-time 1545609599 --query-string "fields @timestamp, @message | sort @timestamp desc| filter @message like /(?i)(Started Application in)/ | stats count() by @logStream"
getmetric statistics
aws --region us-east-1 cloudwatch get-metric-statistics --metric-name EstimatedCharges --start-time 2021-01-04T23:18:00Z --end-time 2021-01-05T23:18:00Z --period 3600 --namespace AWS/Billing --statistics Maximum --dimensions Name=Currency,Value=USD
Install agent on EC2
yum install amazon-cloudwatch-agent
Create IAM role CloudWatchAgentServerRole and add policy CloudWatchAgentServerPolicy and attach to the EC2.
Create standard string parameter in SSM with content like
{
"agent": {
"metrics_collection_interval": 60,
"run_as_user": "root"
},
"logs": {
"logs_collected": {
"files": {
"collect_list": [
{
"file_path": "/var/log/secure",
"log_group_name": "secure",
"log_stream_name": "{instance_id}"
}
]
}
}
},
"metrics": {
"append_dimensions": {
"AutoScalingGroupName": "${aws:AutoScalingGroupName}",
"ImageId": "${aws:ImageId}",
"InstanceId": "${aws:InstanceId}",
"InstanceType": "${aws:InstanceType}"
},
"metrics_collected": {
"collectd": {
"metrics_aggregation_interval": 60
},
"cpu": {
"measurement": [
"cpu_usage_idle",
"cpu_usage_iowait",
"cpu_usage_user",
"cpu_usage_system"
],
"metrics_collection_interval": 60,
"totalcpu": false
},
"disk": {
"measurement": [
"used_percent",
"inodes_free"
],
"metrics_collection_interval": 60,
"resources": [
"*"
]
},
"diskio": {
"measurement": [
"io_time",
"write_bytes",
"read_bytes",
"writes",
"reads"
],
"metrics_collection_interval": 60,
"resources": [
"*"
]
},
"mem": {
"measurement": [
"mem_used_percent"
],
"metrics_collection_interval": 60
},
"netstat": {
"measurement": [
"tcp_established",
"tcp_time_wait"
],
"metrics_collection_interval": 60
},
"statsd": {
"metrics_aggregation_interval": 60,
"metrics_collection_interval": 10,
"service_address": ":8125"
},
"swap": {
"measurement": [
"swap_used_percent"
],
"metrics_collection_interval": 60
}
}
}
}
on SSM named like AmazonCloudWatch-linux as above policy can fetch AmazonCloudWatch-*.
On EC2 run:
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c ssm:AmazonCloudWatch-linux -s