401 Reading 18 - marsecguy/reading-notes-cyberops GitHub Wiki

CloudWatch

1. Explain CloudWatch Events to a non-technical friend.

   • CloudWatch is an Amazon service for monitoring cloud resources and networks that can help users optimize their systems. It provides traffic and event monitoring, log reports, process automation and event alarms. The settings and features are highly customizable, based on the users' needs.

2. What do CloudWatch Logs helps us achieve?

   • The accountability piece of AAA. It keeps logs of access to any of the suite of AWS products. If someone in or out of of the organization accesses something they shouldn't, or starts a new AWS service, it will be logged.
   • System troubleshooting by being able to see when and where issues started.

3. What capabilities does CloudWatch Anomaly detection have?

   • Learn and model the expected behavior of a metric based on prior data.
   • Calculate expected values and generates the Anomaly Detection band.
   • Enable you to create alarms based on the Anomaly Detection band and remediate detected anomalies.
   • AWS API & CloudFormation support.

Source: Citrus