Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,090 --> 00:00:01,200 ‫Okay, so in this lecture 2 00:00:01,200 --> 00:00:04,590 ‫we're going to install the CloudWatch unified agent 3 00:00:04,590 --> 00:00:09,150 ‫to collect metrics and log for Amazon EC2 instances. 4 00:00:09,150 --> 00:00:10,440 ‫So to do so, very simple 5 00:00:10,440 --> 00:00:13,980 ‫we're first going to have to create an IAM role. 6 00:00:13,980 --> 00:00:17,160 ‫And this role will allow us to send metrics 7 00:00:17,160 --> 00:00:18,750 ‫and logs to CloudWatch. 8 00:00:18,750 --> 00:00:22,350 ‫So to do so let's go into roles, let's create a role 9 00:00:22,350 --> 00:00:25,620 ‫and this is going to be a role for AWS service 10 00:00:25,620 --> 00:00:26,750 ‫which is an EC2 instance. 11 00:00:26,750 --> 00:00:29,160 ‫So we need to create an EC2 instance role 12 00:00:29,160 --> 00:00:30,330 ‫and then we click on next. 13 00:00:30,330 --> 00:00:31,983 ‫So EC2, just select EC2 here. 14 00:00:32,910 --> 00:00:34,950 ‫Next, we need to find permission policies 15 00:00:34,950 --> 00:00:36,330 ‫to apply to this role. 16 00:00:36,330 --> 00:00:38,580 ‫So for this I'm going to type CloudWatchAgent 17 00:00:40,230 --> 00:00:41,310 ‫and we have two 18 00:00:41,310 --> 00:00:44,610 ‫we have the Server Policy and the Admin Policy. 19 00:00:44,610 --> 00:00:45,810 ‫The one we're going to use right now 20 00:00:45,810 --> 00:00:47,393 ‫is the CloudWatchAgentServerPolicy. 21 00:00:48,750 --> 00:00:50,430 ‫And the reason we do so is that 22 00:00:50,430 --> 00:00:53,760 ‫we want to be able to put metric data into CloudWatch 23 00:00:53,760 --> 00:00:55,710 ‫also to send logs 24 00:00:55,710 --> 00:00:58,290 ‫and finally to get parameters from SSM 25 00:00:58,290 --> 00:01:01,440 ‫because it is possible for us to retrieve a CloudWatch 26 00:01:01,440 --> 00:01:04,020 ‫unified agent configuration directly from SSM 27 00:01:04,020 --> 00:01:06,060 ‫as we will see in this lecture. 28 00:01:06,060 --> 00:01:08,130 ‫So this is enough. Let's click on next. 29 00:01:08,130 --> 00:01:10,710 ‫And then the role name should be, for example 30 00:01:10,710 --> 00:01:14,970 ‫Amazon EC2 role for CloudWatch. 31 00:01:14,970 --> 00:01:18,123 ‫Okay. Let's create this role. 32 00:01:21,480 --> 00:01:22,770 ‫And we're done. 33 00:01:22,770 --> 00:01:24,010 ‫So next what I have to do is 34 00:01:24,010 --> 00:01:25,740 ‫to create an EC2 instance 35 00:01:25,740 --> 00:01:28,020 ‫that will be leveraging this role. 36 00:01:28,020 --> 00:01:30,810 ‫So to do so let's go into the management console 37 00:01:30,810 --> 00:01:32,700 ‫into the EC2 console. 38 00:01:32,700 --> 00:01:36,630 ‫And then I'm going to create an EC2 instance. 39 00:01:36,630 --> 00:01:40,050 ‫So I'll go into launch instance and we'll configure it. 40 00:01:40,050 --> 00:01:44,380 ‫So we're going to use Amazon Linux 2 AMI 41 00:01:45,960 --> 00:01:47,673 ‫and then I will use t2.micro. 42 00:01:48,510 --> 00:01:51,150 ‫We don't need to select a key pair 43 00:01:51,150 --> 00:01:52,500 ‫if we don't want to, which is fine. 44 00:01:52,500 --> 00:01:53,940 ‫We'll use EC2 instance connect 45 00:01:53,940 --> 00:01:56,190 ‫to connect to our EC2 instance. 46 00:01:56,190 --> 00:01:58,440 ‫Then we need to create a new security group 47 00:01:58,440 --> 00:02:01,630 ‫and we'll allow SSH and HTTP traffic 48 00:02:02,550 --> 00:02:04,380 ‫the third one, from the internet 49 00:02:04,380 --> 00:02:06,330 ‫because we'll be launching a web server 50 00:02:06,330 --> 00:02:07,800 ‫and we'll get the log from that server. 51 00:02:07,800 --> 00:02:10,620 ‫So we allow SSH to SSH to our instance 52 00:02:10,620 --> 00:02:15,090 ‫and HTTP to allow port 80 traffic on to our EC2 instance. 53 00:02:15,090 --> 00:02:16,320 ‫This is good. 54 00:02:16,320 --> 00:02:17,670 ‫And then we're good to go. 55 00:02:17,670 --> 00:02:19,743 ‫Let's launch this instance. 56 00:02:22,020 --> 00:02:23,320 ‫Okay. So let's click on it 57 00:02:24,690 --> 00:02:26,520 ‫and we're gonna find the instance right now. 58 00:02:26,520 --> 00:02:29,010 ‫So let me wait for it to be ready. 59 00:02:29,010 --> 00:02:32,130 ‫Okay. So our EC2 instance is now created. 60 00:02:32,130 --> 00:02:33,060 ‫Let's connect to it 61 00:02:33,060 --> 00:02:38,060 ‫using the EC2 instance user connect interface. 62 00:02:38,280 --> 00:02:41,030 ‫So we establish a connection directly into the instance 63 00:02:42,720 --> 00:02:45,810 ‫and now I'm able to issue a few commands. 64 00:02:45,810 --> 00:02:47,250 ‫So the first one I'm going to do 65 00:02:47,250 --> 00:02:48,690 ‫is to elevate my privileges. 66 00:02:48,690 --> 00:02:51,930 ‫So I will do sudo su and now I am a super user 67 00:02:51,930 --> 00:02:53,280 ‫on my instance. 68 00:02:53,280 --> 00:02:56,430 ‫And I will do yum install HTTPD. 69 00:02:56,430 --> 00:02:59,070 ‫This will install a web server and that web server 70 00:02:59,070 --> 00:03:00,060 ‫I say yes. 71 00:03:00,060 --> 00:03:03,300 ‫That web server is going to have traffic 72 00:03:03,300 --> 00:03:04,140 ‫coming from the internet. 73 00:03:04,140 --> 00:03:06,630 ‫And we'll take the log out of HTTP 74 00:03:06,630 --> 00:03:08,070 ‫to connect to our instance 75 00:03:08,070 --> 00:03:09,810 ‫to send that to CloudWatch logs 76 00:03:09,810 --> 00:03:13,500 ‫So the HTTPD service is installed. 77 00:03:13,500 --> 00:03:16,770 ‫And now we're just going to echo "hello world" 78 00:03:16,770 --> 00:03:21,770 ‫into var/www/html/index.html. 79 00:03:23,370 --> 00:03:26,640 ‫So now we have an index HTML file created. 80 00:03:26,640 --> 00:03:29,100 ‫And we need to just start our HTTPD server. 81 00:03:29,100 --> 00:03:33,930 ‫So for this, we'll do sudo systemctl start httpd 82 00:03:34,980 --> 00:03:37,860 ‫This will effectively start our HTTPD service. 83 00:03:37,860 --> 00:03:41,820 ‫And if wanted to allow also it to survive through restarts 84 00:03:41,820 --> 00:03:43,470 ‫we will enable it. 85 00:03:43,470 --> 00:03:47,130 ‫So now back into here, this is the public IP 86 00:03:47,130 --> 00:03:49,470 ‫of my EC2 instance, which is great. 87 00:03:49,470 --> 00:03:51,000 ‫And so if I visit it 88 00:03:51,000 --> 00:03:52,650 ‫now I get the prompt hello world. 89 00:03:52,650 --> 00:03:55,200 ‫So that means that we are indeed able 90 00:03:55,200 --> 00:03:57,390 ‫to access our EC2 instance using 91 00:03:57,390 --> 00:03:59,670 ‫this Apache web server. 92 00:03:59,670 --> 00:04:01,950 ‫And now what I want to show you is that 93 00:04:01,950 --> 00:04:05,100 ‫out of this, this created some log entries. 94 00:04:05,100 --> 00:04:07,410 ‫So if we go into the file 95 00:04:07,410 --> 00:04:11,280 ‫so I'll do cat /var/log/httpd 96 00:04:11,280 --> 00:04:13,920 ‫and then we have access underscore log. 97 00:04:13,920 --> 00:04:17,010 ‫This contains the request log of all 98 00:04:17,010 --> 00:04:19,230 ‫the request made into our server. 99 00:04:19,230 --> 00:04:20,850 ‫As you can see, we can find the fact that 100 00:04:20,850 --> 00:04:23,700 ‫yes we did do a get right now. 101 00:04:23,700 --> 00:04:26,070 ‫So also, should there be any errors 102 00:04:26,070 --> 00:04:28,710 ‫we can do /error_log 103 00:04:28,710 --> 00:04:31,260 ‫and we'll get a list of all the errors 104 00:04:31,260 --> 00:04:34,620 ‫that are happening for our HTTPD server. 105 00:04:34,620 --> 00:04:36,750 ‫So these two logs, the error log 106 00:04:36,750 --> 00:04:38,970 ‫as well as the access log 107 00:04:38,970 --> 00:04:42,180 ‫are the logs that I want to send into CloudWatch logs 108 00:04:42,180 --> 00:04:45,270 ‫using the CloudWatch unify agents. 109 00:04:45,270 --> 00:04:47,610 ‫So to do so, we can follow documentation 110 00:04:47,610 --> 00:04:49,350 ‫but this is quite complicated. 111 00:04:49,350 --> 00:04:50,850 ‫So it's to collect metrics and logs 112 00:04:50,850 --> 00:04:52,620 ‫for Amazon EC2 instances 113 00:04:52,620 --> 00:04:56,103 ‫and I've summarized all the instructions in the code. 114 00:04:57,540 --> 00:05:00,030 ‫So the first thing we have to do is to install the agents 115 00:05:00,030 --> 00:05:01,410 ‫on Amazon Linux 2 116 00:05:01,410 --> 00:05:03,330 ‫and for this we can just run this command 117 00:05:03,330 --> 00:05:06,930 ‫a sudo yum install of the Amazon CloudWatch agent. 118 00:05:06,930 --> 00:05:10,173 ‫So, I say, yes and it's going to be installed. 119 00:05:11,070 --> 00:05:13,530 ‫The next thing we have to do is to run a wizard. 120 00:05:13,530 --> 00:05:16,410 ‫And this is to configure the CloudWatch agent. 121 00:05:16,410 --> 00:05:17,400 ‫This is something we have to do once 122 00:05:17,400 --> 00:05:19,110 ‫and then we'll store the configuration 123 00:05:19,110 --> 00:05:21,360 ‫in the SSM parameter restore. 124 00:05:21,360 --> 00:05:24,270 ‫And it will be retrieved at run time if we need to. 125 00:05:24,270 --> 00:05:26,190 ‫So let's go ahead and clear this 126 00:05:26,190 --> 00:05:28,110 ‫and we're going to run the wizard. 127 00:05:28,110 --> 00:05:28,943 ‫So now it says 128 00:05:28,943 --> 00:05:31,050 ‫on which OS are you planning to use the agent wave? 129 00:05:31,050 --> 00:05:32,370 ‫So Linux. 130 00:05:32,370 --> 00:05:34,800 ‫Then is this EC2 or On-Premises? 131 00:05:34,800 --> 00:05:36,300 ‫This is EC2. 132 00:05:36,300 --> 00:05:39,930 ‫We're going to run this as the route user. 133 00:05:39,930 --> 00:05:41,970 ‫And do you want to turn on StatsD daemon? 134 00:05:41,970 --> 00:05:43,320 ‫Why not? Yes. 135 00:05:43,320 --> 00:05:45,390 ‫So I press one every time. 136 00:05:45,390 --> 00:05:47,850 ‫What port do you want this daemon to listen to? 137 00:05:47,850 --> 00:05:50,430 ‫So we'll just keep the default choice. 138 00:05:50,430 --> 00:05:52,740 ‫Then what is the correct interval? 139 00:05:52,740 --> 00:05:55,590 ‫We'll just keep it as default as well. 140 00:05:55,590 --> 00:05:57,330 ‫So that means that the CloudWatch unified agent 141 00:05:57,330 --> 00:06:02,010 ‫can also collect stuff from StatsD. 142 00:06:02,010 --> 00:06:04,800 ‫Then we have, do we want to have aggregations? 143 00:06:04,800 --> 00:06:06,780 ‫Yes. We'll aggregate them at 60 seconds interval 144 00:06:06,780 --> 00:06:08,190 ‫which is the default. 145 00:06:08,190 --> 00:06:13,190 ‫Do you want to collect metrics from CollectD? 146 00:06:13,350 --> 00:06:16,170 ‫And it must be installed or the agent will fail to start. 147 00:06:16,170 --> 00:06:18,180 ‫So it turns out that I don't have CollectD 148 00:06:18,180 --> 00:06:20,130 ‫on this instance, but it is possible for us 149 00:06:20,130 --> 00:06:22,170 ‫to enable this if we wanted to 150 00:06:22,170 --> 00:06:24,480 ‫but because if we don't have it installed 151 00:06:24,480 --> 00:06:26,070 ‫the agent will fail to start. 152 00:06:26,070 --> 00:06:28,230 ‫We're just going to reply no to this answer. 153 00:06:28,230 --> 00:06:29,943 ‫So I will enter two. 154 00:06:30,780 --> 00:06:32,670 ‫Do you want to monitor any host metrics 155 00:06:32,670 --> 00:06:34,200 ‫such as CPU, memory etcetera? 156 00:06:34,200 --> 00:06:35,033 ‫Yes. 157 00:06:35,033 --> 00:06:37,920 ‫And as you can see, using the CloudWatch unified agent 158 00:06:37,920 --> 00:06:40,530 ‫I am able to have access to memories. 159 00:06:40,530 --> 00:06:42,480 ‫So Ram is a metric you can access 160 00:06:42,480 --> 00:06:44,790 ‫from within the EC2 instance. 161 00:06:44,790 --> 00:06:47,640 ‫We can also collect CPU metrics at the core level. 162 00:06:47,640 --> 00:06:49,050 ‫Again, something this is only possible 163 00:06:49,050 --> 00:06:54,050 ‫by doing metric collection from within the EC2 instance. 164 00:06:54,600 --> 00:06:56,760 ‫Do you want to add EC2 dimensions? 165 00:06:56,760 --> 00:06:58,560 ‫Absolutely. Yes. 166 00:06:58,560 --> 00:06:59,700 ‫And do you want to aggregate them? 167 00:06:59,700 --> 00:07:00,930 ‫Why not? 168 00:07:00,930 --> 00:07:03,930 ‫Then we have the high resolution metrics. 169 00:07:03,930 --> 00:07:05,160 ‫So in case we have that 170 00:07:05,160 --> 00:07:07,320 ‫we have the ability to customize 171 00:07:07,320 --> 00:07:08,220 ‫which resolution will go on them. 172 00:07:08,220 --> 00:07:12,120 ‫So one second, ten seconds, 30 seconds or 60 seconds. 173 00:07:12,120 --> 00:07:13,920 ‫Now to keep cost under control 174 00:07:13,920 --> 00:07:16,110 ‫I will keep it as 60 seconds. 175 00:07:16,110 --> 00:07:18,090 ‫As you can see we can have a resolution 176 00:07:18,090 --> 00:07:19,443 ‫down to one second. 177 00:07:20,370 --> 00:07:22,710 ‫Now, which default metrics config do you want? 178 00:07:22,710 --> 00:07:25,380 ‫Do you want basic, standard, advanced or none? 179 00:07:25,380 --> 00:07:27,723 ‫So we'll keep the default as basic. 180 00:07:28,800 --> 00:07:31,659 ‫And here now I have an entire JSON document 181 00:07:31,659 --> 00:07:34,140 ‫of the configuration we just did. 182 00:07:34,140 --> 00:07:37,770 ‫Which summarizes all the answers we have selected 183 00:07:37,770 --> 00:07:41,700 ‫for the configuration of this CloudWatch unified agent. 184 00:07:41,700 --> 00:07:43,770 ‫So this is good enough. You can have a look. 185 00:07:43,770 --> 00:07:45,030 ‫Are we satisfied with the config? 186 00:07:45,030 --> 00:07:47,010 ‫The answer is yes. 187 00:07:47,010 --> 00:07:49,950 ‫Now, do we have any existing CloudWatch log agents 188 00:07:49,950 --> 00:07:52,170 ‫from configuration file for migration? 189 00:07:52,170 --> 00:07:53,003 ‫The answer is no. 190 00:07:53,003 --> 00:07:55,328 ‫So there used to be before the unified agent 191 00:07:55,328 --> 00:07:57,420 ‫there used to be an old thing called 192 00:07:57,420 --> 00:07:59,940 ‫the Amazon CloudWatch log agents. 193 00:07:59,940 --> 00:08:01,440 ‫And if you had that we could import it 194 00:08:01,440 --> 00:08:03,060 ‫but we don't have this right now. 195 00:08:03,060 --> 00:08:04,080 ‫So we'll say no. 196 00:08:04,080 --> 00:08:04,913 ‫And as you can see 197 00:08:04,913 --> 00:08:07,200 ‫now the unified agents does both metrics 198 00:08:07,200 --> 00:08:09,420 ‫and log at the same time. 199 00:08:09,420 --> 00:08:11,320 ‫Now, do you want to monitor any log files? 200 00:08:11,320 --> 00:08:13,080 ‫We'll say yes. 201 00:08:13,080 --> 00:08:16,230 ‫And now we need to enter the log file path. 202 00:08:16,230 --> 00:08:19,660 ‫So for this is going to be var/log/httpd/access_log 203 00:08:22,620 --> 00:08:24,670 ‫which is the first log file I showed you. 204 00:08:25,650 --> 00:08:28,770 ‫And the group name is going to be access_log for it. 205 00:08:28,770 --> 00:08:31,800 ‫And the log screen name is going to be perfect as well. 206 00:08:31,800 --> 00:08:34,118 ‫And the log retention in days 207 00:08:34,118 --> 00:08:36,570 ‫we could do minus one, for infinity 208 00:08:36,570 --> 00:08:39,903 ‫or we could say, for example, five for seven day retention. 209 00:08:40,740 --> 00:08:43,950 ‫And do you want to additionally specify other log files? 210 00:08:43,950 --> 00:08:45,840 ‫The answer is yes. I want to. 211 00:08:45,840 --> 00:08:47,130 ‫So we enter the path again. 212 00:08:47,130 --> 00:08:51,373 ‫So var/log/httpd/error_log. 213 00:08:52,590 --> 00:08:53,880 ‫Default group name we will keep. 214 00:08:53,880 --> 00:08:55,290 ‫Default stream we keep. 215 00:08:55,290 --> 00:08:58,740 ‫And then again, we'll have a seven day retention 216 00:08:58,740 --> 00:09:00,290 ‫so I'll just enter number five. 217 00:09:01,560 --> 00:09:05,160 ‫Okay. Do you want to specify any more logs we've done? 218 00:09:05,160 --> 00:09:06,900 ‫So just no. 219 00:09:06,900 --> 00:09:09,330 ‫And now we have another config right here. 220 00:09:09,330 --> 00:09:11,550 ‫So now this contains some configuration 221 00:09:11,550 --> 00:09:14,850 ‫for the logs, for our instance. 222 00:09:14,850 --> 00:09:18,000 ‫So this is good enough and I'm good to go. 223 00:09:18,000 --> 00:09:20,083 ‫So do you want to store this config now 224 00:09:20,083 --> 00:09:22,140 ‫in the SSM parameter store? 225 00:09:22,140 --> 00:09:23,910 ‫We will answer yes. 226 00:09:23,910 --> 00:09:24,930 ‫But it will not work 227 00:09:24,930 --> 00:09:27,510 ‫until we have the correct permissions. 228 00:09:27,510 --> 00:09:32,160 ‫So currently this config file has been located and stored 229 00:09:32,160 --> 00:09:35,970 ‫at this address right here, which is great for us 230 00:09:35,970 --> 00:09:39,120 ‫but we want to send this into the SSM parameter store 231 00:09:39,120 --> 00:09:40,350 ‫so that it can be retrieved 232 00:09:40,350 --> 00:09:43,110 ‫by other EC2 instances at run time. 233 00:09:43,110 --> 00:09:46,410 ‫So to do so, we need to store the config. 234 00:09:46,410 --> 00:09:48,368 ‫We need to store the config, this one 235 00:09:48,368 --> 00:09:50,220 ‫in the SSM parameter store 236 00:09:50,220 --> 00:09:52,290 ‫And to do so we need the right permissions. 237 00:09:52,290 --> 00:09:55,620 ‫But if we go into the role we created 238 00:09:55,620 --> 00:09:57,780 ‫the Amazon EC2 role for CloudWatch 239 00:09:57,780 --> 00:10:01,410 ‫which by the way we did not attach to the instance. 240 00:10:01,410 --> 00:10:02,340 ‫Now that I just remembered it. 241 00:10:02,340 --> 00:10:04,020 ‫So let's go back here. 242 00:10:04,020 --> 00:10:07,590 ‫And of course, we'll do security 243 00:10:07,590 --> 00:10:09,150 ‫and then modify IAM role 244 00:10:09,150 --> 00:10:10,650 ‫and we'll need to attach 245 00:10:10,650 --> 00:10:13,320 ‫this Amazon EC2 role for CloudWatch that I just created. 246 00:10:13,320 --> 00:10:15,750 ‫So you see, comes full circle. 247 00:10:15,750 --> 00:10:17,520 ‫So this is perfect. 248 00:10:17,520 --> 00:10:18,353 ‫Even this role, 249 00:10:18,353 --> 00:10:21,360 ‫if we look at the permission itself 250 00:10:21,360 --> 00:10:22,800 ‫and we look at SSM 251 00:10:22,800 --> 00:10:24,360 ‫it's allowed to get a parameter 252 00:10:24,360 --> 00:10:27,480 ‫but not to send a parameter. 253 00:10:27,480 --> 00:10:31,030 ‫So on one instance, we need to add the permissions 254 00:10:31,890 --> 00:10:33,390 ‫to attach a policy 255 00:10:33,390 --> 00:10:36,740 ‫and I will just type CloudWatch agent again 256 00:10:39,450 --> 00:10:41,970 ‫and this time we'll attach the admin policy 257 00:10:41,970 --> 00:10:45,210 ‫which has sufficient permission to put the parameter 258 00:10:45,210 --> 00:10:46,350 ‫into SSM. 259 00:10:46,350 --> 00:10:48,960 ‫And this is only needed when you do the setup 260 00:10:48,960 --> 00:10:50,763 ‫of the CloudWatch unified agents. 261 00:10:51,600 --> 00:10:54,300 ‫So we'll attach this policy. Now we have two policies. 262 00:10:54,300 --> 00:10:55,650 ‫And now my EC2 instance 263 00:10:55,650 --> 00:10:58,080 ‫should be able to perform this next action. 264 00:10:58,080 --> 00:10:59,400 ‫So I will say, yes. 265 00:10:59,400 --> 00:11:01,740 ‫Do you want to store it into the SSM parameter store? 266 00:11:01,740 --> 00:11:03,060 ‫So, yes. 267 00:11:03,060 --> 00:11:05,040 ‫And then what parameter name do you want to use? 268 00:11:05,040 --> 00:11:06,600 ‫So we can just use the default choice. 269 00:11:06,600 --> 00:11:10,950 ‫Amazon Linux, Amazon CloudWatch, minus Linux, press enter. 270 00:11:10,950 --> 00:11:13,320 ‫And then which region do you want to store it in? 271 00:11:13,320 --> 00:11:16,257 ‫So EUS one, which was retrieved directly from 272 00:11:16,257 --> 00:11:19,830 ‫the EC2 metadata by this wizard. 273 00:11:19,830 --> 00:11:20,820 ‫Perfect. 274 00:11:20,820 --> 00:11:22,230 ‫Now which credential should be used? 275 00:11:22,230 --> 00:11:25,110 ‫So the one from the SDK. I press enter. 276 00:11:25,110 --> 00:11:27,960 ‫And then it says successfully put config to parameter store 277 00:11:27,960 --> 00:11:32,960 ‫as Amazon CloudWatch Linux and the program exits now. 278 00:11:33,240 --> 00:11:36,130 ‫So that means that if we go into Amazon Web Services 279 00:11:37,080 --> 00:11:41,160 ‫and then we go into the SSM parameter store. 280 00:11:41,160 --> 00:11:43,083 ‫So let's go into systems manager. 281 00:11:45,240 --> 00:11:47,343 ‫And then find the parameter store. 282 00:11:48,690 --> 00:11:51,090 ‫As we can see now I have one standard parameter 283 00:11:51,090 --> 00:11:53,340 ‫called the Amazon CloudWatch Linux. 284 00:11:53,340 --> 00:11:54,690 ‫And if I click on it 285 00:11:54,690 --> 00:11:56,010 ‫and I look at the value, as you can see 286 00:11:56,010 --> 00:11:59,520 ‫the value is this entire JSON file 287 00:11:59,520 --> 00:12:02,850 ‫that was generated by this wizard. 288 00:12:02,850 --> 00:12:03,683 ‫So it's amazing. 289 00:12:03,683 --> 00:12:07,770 ‫So now the wizard is running and then this has been inserted 290 00:12:07,770 --> 00:12:10,020 ‫into the SSM parameter store. 291 00:12:10,020 --> 00:12:14,490 ‫And now we want to boot up from this parameter. 292 00:12:14,490 --> 00:12:17,370 ‫So back onto our instance, let's clear this screen. 293 00:12:17,370 --> 00:12:20,280 ‫So let's assume this is a whole new instance, okay? 294 00:12:20,280 --> 00:12:22,290 ‫And what we want to do is to just boot up 295 00:12:22,290 --> 00:12:25,890 ‫from this configuration from the SSM parameter store 296 00:12:25,890 --> 00:12:28,620 ‫and start sending metrics and logs into CloudWatch. 297 00:12:28,620 --> 00:12:30,778 ‫So to do so let's go back into our code. 298 00:12:30,778 --> 00:12:33,120 ‫And for this, we have a few options. 299 00:12:33,120 --> 00:12:35,550 ‫So this one can be deleted 300 00:12:35,550 --> 00:12:38,640 ‫because we don't use the CollectD. 301 00:12:38,640 --> 00:12:40,260 ‫So we have options here. 302 00:12:40,260 --> 00:12:43,890 ‫So we can either start directly 303 00:12:43,890 --> 00:12:45,510 ‫from the SSM parameter store. 304 00:12:45,510 --> 00:12:46,980 ‫And this is this command right here. 305 00:12:46,980 --> 00:12:51,300 ‫So the Amazon CloudWatch agent CTL to fetch a config 306 00:12:51,300 --> 00:12:54,810 ‫from SSM at this address right here. 307 00:12:54,810 --> 00:12:56,790 ‫And it's going to fetch the config 308 00:12:56,790 --> 00:12:58,380 ‫we have inserted right here. 309 00:12:58,380 --> 00:12:59,550 ‫So this should work. 310 00:12:59,550 --> 00:13:03,420 ‫The other option is to instead provide a flat file. 311 00:13:03,420 --> 00:13:06,030 ‫So config the JSON file that has been generated 312 00:13:06,030 --> 00:13:07,650 ‫using the wizard, for example 313 00:13:07,650 --> 00:13:09,660 ‫and then the agent can start the quiz 314 00:13:09,660 --> 00:13:11,670 ‫from this static configuration file. 315 00:13:11,670 --> 00:13:13,860 ‫But if you plan to use multiple instances 316 00:13:13,860 --> 00:13:15,360 ‫start from the same file then 317 00:13:15,360 --> 00:13:18,060 ‫it may be a good idea to store it into SSM. 318 00:13:18,060 --> 00:13:21,390 ‫So I will use the command that boots up from SSM. 319 00:13:21,390 --> 00:13:23,880 ‫I will paste it, press enter. 320 00:13:23,880 --> 00:13:26,820 ‫And as you can see, it says 321 00:13:26,820 --> 00:13:30,840 ‫that the configuration version is succeeded 322 00:13:30,840 --> 00:13:33,060 ‫and then it should be good to go. 323 00:13:33,060 --> 00:13:36,600 ‫So let's have a look and see if anything works. 324 00:13:36,600 --> 00:13:41,373 ‫So let's go into the CloudWatch agents. 325 00:13:43,650 --> 00:13:45,090 ‫So let's go into the CloudWatch service. 326 00:13:45,090 --> 00:13:46,460 ‫So CloudWatch. 327 00:13:51,690 --> 00:13:52,523 ‫Perfect. 328 00:13:54,810 --> 00:13:56,490 ‫Let's make sure to use the same region 329 00:13:56,490 --> 00:13:58,940 ‫my EC2 instance is in, which is EU-west-1. 330 00:14:02,130 --> 00:14:04,000 ‫And then I will go into log groups 331 00:14:04,860 --> 00:14:07,890 ‫and underneath we find access log and error log 332 00:14:07,890 --> 00:14:10,770 ‫which are the two logs created by my unified agents. 333 00:14:10,770 --> 00:14:12,930 ‫So under access log, I can find one log stream 334 00:14:12,930 --> 00:14:15,120 ‫which represents my EC2 instance. 335 00:14:15,120 --> 00:14:16,290 ‫And as you can see 336 00:14:16,290 --> 00:14:19,410 ‫we have the two events we saw from before. 337 00:14:19,410 --> 00:14:22,260 ‫Now the cool thing is that if I refresh this page right here 338 00:14:22,260 --> 00:14:23,970 ‫one or two or three times 339 00:14:23,970 --> 00:14:24,803 ‫at some point 340 00:14:24,803 --> 00:14:27,900 ‫the events are going to end up in this log. 341 00:14:27,900 --> 00:14:28,800 ‫So as you can see now 342 00:14:28,800 --> 00:14:32,550 ‫the events have been written by the CloudWatch log agents 343 00:14:32,550 --> 00:14:33,510 ‫unified agents 344 00:14:33,510 --> 00:14:36,270 ‫into this log right here, which is amazing. 345 00:14:36,270 --> 00:14:38,910 ‫And again, if you went into the error log 346 00:14:38,910 --> 00:14:41,100 ‫you will find the log stream right here 347 00:14:41,100 --> 00:14:43,560 ‫that contains the error log stream, if we need to. 348 00:14:43,560 --> 00:14:45,000 ‫So this is perfect. 349 00:14:45,000 --> 00:14:45,930 ‫Now what about metrics? 350 00:14:45,930 --> 00:14:49,560 ‫So if we go into all metrics, we can find a name space 351 00:14:49,560 --> 00:14:52,590 ‫custom name space called CloudWatch agents, CW agents. 352 00:14:52,590 --> 00:14:55,830 ‫And then we can go, for example, by instance ID 353 00:14:55,830 --> 00:14:59,160 ‫and here find the memory used percent 354 00:14:59,160 --> 00:15:01,290 ‫which represents how much ram is being used 355 00:15:01,290 --> 00:15:03,120 ‫by my EC2 instance. 356 00:15:03,120 --> 00:15:05,340 ‫Or the disc used percent and so on. 357 00:15:05,340 --> 00:15:06,859 ‫And you can explore the different metrics. 358 00:15:06,859 --> 00:15:10,481 ‫Here we have the mem used percent again, 359 00:15:10,481 --> 00:15:14,010 ‫but by image ID and with other dimensions and so on. 360 00:15:14,010 --> 00:15:16,620 ‫And here we have six metrics available to us 361 00:15:16,620 --> 00:15:17,790 ‫that are right here. 362 00:15:17,790 --> 00:15:20,760 ‫And it's possible for you to explore the documentation. 363 00:15:20,760 --> 00:15:23,910 ‫And here you can find at some point 364 00:15:23,910 --> 00:15:25,500 ‫you can find all the metrics 365 00:15:25,500 --> 00:15:28,500 ‫that are collected by the CloudWatch agents 366 00:15:28,500 --> 00:15:29,333 ‫they're right here 367 00:15:29,333 --> 00:15:31,920 ‫and the explanations are self explicit. 368 00:15:31,920 --> 00:15:33,570 ‫But you can, just to summarize 369 00:15:33,570 --> 00:15:36,840 ‫collect some CPU metrics, which are very handy. 370 00:15:36,840 --> 00:15:39,510 ‫You can collect as well, some disc space 371 00:15:39,510 --> 00:15:42,240 ‫and IO and so on for your disc. 372 00:15:42,240 --> 00:15:45,720 ‫You can also get information around your mem 373 00:15:45,720 --> 00:15:49,980 ‫so active, available, cached, free and so on. 374 00:15:49,980 --> 00:15:50,813 ‫This is very helpful. 375 00:15:50,813 --> 00:15:53,070 ‫Some network information. 376 00:15:53,070 --> 00:15:55,800 ‫So a number of packets in and out and so on. 377 00:15:55,800 --> 00:15:57,960 ‫And then information about your processes 378 00:15:57,960 --> 00:15:59,520 ‫running on your EC2 instances. 379 00:15:59,520 --> 00:16:01,783 ‫So how many are idle, how many you're running 380 00:16:01,783 --> 00:16:05,160 ‫et cetera, et cetera, which is very, very helpful. 381 00:16:05,160 --> 00:16:07,170 ‫And finally, the swap that you have 382 00:16:07,170 --> 00:16:09,630 ‫on your machine free, used and so on. 383 00:16:09,630 --> 00:16:13,094 ‫So that's it, we've successfully configured 384 00:16:13,094 --> 00:16:15,300 ‫the CloudWatch AI unified agent. 385 00:16:15,300 --> 00:16:19,260 ‫We stored the configuration in SSM and retrieved it 386 00:16:19,260 --> 00:16:20,910 ‫and we're good to go. 387 00:16:20,910 --> 00:16:25,020 ‫Okay. So just to be done, if you are in the DevOps course 388 00:16:25,020 --> 00:16:27,480 ‫you need to keep this instance running. 389 00:16:27,480 --> 00:16:29,490 ‫But if you are in the CSOPs course 390 00:16:29,490 --> 00:16:31,260 ‫then you can terminate this instance 391 00:16:31,260 --> 00:16:32,670 ‫and you'll be good to go. 392 00:16:32,670 --> 00:16:33,503 ‫All right, that's it. 393 00:16:33,503 --> 00:16:34,336 ‫I hope you liked it. 394 00:16:34,336 --> 00:16:36,210 ‫And I will see you in the next lecture. 31043