THE DFIR BLOG
Menu

Cloud Security

CloudWatch

3/10/2021

0 Comments

 
Picture
What is AWS CloudWatch? 
​One word: Performance Monitoring
AWS CloudWatch is a monitoring service to monitor your AWS Resources and the application that you run on AWS. CloudWatch is used for Performance Monitoring. It can monitor EC2, Autoscaling Groups, Elastic load Balancer, Route53, EBS, Storage gateway etc. It can also monitor Host Level Metrics like CPU, Network, Disk etc. 


CloudTrail vs CloudWatch
CloudTrails is like a CCTV and used for increasing the visibility for API Calls and CloudWatch Monitor Performance. 

Alerting
CloudWatch Alerting: Yes, you can create alerts in CloudWatch as well and trigger notifications for it. 

Security Use-Case
  • Monitor and Notify on AWS Root User Activity. Link 
    • Video​
  • Performance Monitoring of EC2 Instance for Anomaly Detection
    • Setup a CloudWatch to stream Data to a Centralized S3 Bucket. 
Additional Key things to remember
  • CloudWatch can work with on-prem service as well. 
  • Ensure that the Associated IAM policy has cloudwatch:putMetricData
0 Comments



Leave a Reply.

    Archives

    October 2023
    April 2023
    June 2021
    March 2021

    Categories

    All

    RSS Feed

  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me
  • Infosec
  • Mac Forensics
  • Windows Forensics
  • Linux Forensics
  • Memory Forensics
  • Incident Response
  • Blog
  • About Me