Stick to AWS services architecture principles to integrate more easily with out-of-the-box monitoring. As an example, instead of deploying your web server on an EC2 instance and expose it directly, you might want to go through ECS with ALB in front of it. This way you'll get HTTP for the service so that you can build on top of it dashboards
Don't hesitate to use Cloudwatch for both metric & log monitoring.
Also, in the case of hybrid clouds, you might want to invest in some external monitoring tools to integrate with AWS/Cloudwatch as well as private cloud/infrastructure monitoring. This way, you can have a single pane of glass and track your migration using service-level KPIs
Here's an article that might be useful about hybrid cloud monitoring: www.zen-networks.ma
Search for a product comparison in Server Monitoring
Consultant at a energy/utilities company with 10,001+ employees
Real User
Top 10
2020-05-27T16:55:14Z
May 27, 2020
There are a lot of Best practices that need to be done when it comes down to AWS Monitoring. A few of them listed below.
1. Users activity monitoring
Cloud trail and IAM roles monitoring
Activity Monitoring to avoid any inconsequence failures
2. EC2/LB/ASG monitoring
Cloud watch / Insight/ Matrics alerting and monitoring to troubleshoot/and also log forwarder to an external agent for application-level monitoring
3. Metrics of SQS/SNS monitoring
Cloud watch Metrics/ Insight/ Matrics alerting and monitoring to troubleshoot
4. Lambda and SFTP monitoring
Cloud watch Metrics/ Insight/ Matrics alerting and monitoring to troubleshoot
Business Consultant. at a tech services company with 11-50 employees
Reseller
2020-05-27T08:58:59Z
May 27, 2020
For cloud monitoring we MUST get next information:
- CPU/vCPU metrics (Utilization, min/max Average etc)
- Memory metrics (Utilization, min/max Average etc)
- Volumes metrics
- Ports and interfaces status
- Response Time
- Packet loss and network latency
IT director at a tech services company with 11-50 employees
Real User
Top 20
2020-05-27T01:03:16Z
May 27, 2020
Avoid using the root account, the first account created on the AWS and that has administrative rights, and how monitoring should be established for when it is used.
Force the use of a second authentication factor (MFA - Multi Factor Authentication) to access the AWS console.
Disable access to unused credentials 90 days or more.
Rotation of Access Keys every 90 days or less.
Create strong password policies for IAM users.
Enable CloudTrail on all accounts.
Avoid and monitor the existence of Security Groups (SG) by releasing ingress / inbound access to port 22 or 3389 for any IP address (0.0.0.0/0).
Server Monitoring solutions provide essential insights and diagnostics that allow IT administrators to keep servers operational and optimized.
These tools offer real-time tracking, alerting mechanisms, and performance analytics. They help in identifying potential issues before they become critical, ensuring that servers run efficiently. Implementations vary in complexity, from simple software agents to comprehensive suites that integrate with other IT management tools.
What are...
Stick to AWS services architecture principles to integrate more easily with out-of-the-box monitoring. As an example, instead of deploying your web server on an EC2 instance and expose it directly, you might want to go through ECS with ALB in front of it. This way you'll get HTTP for the service so that you can build on top of it dashboards
Don't hesitate to use Cloudwatch for both metric & log monitoring.
Also, in the case of hybrid clouds, you might want to invest in some external monitoring tools to integrate with AWS/Cloudwatch as well as private cloud/infrastructure monitoring. This way, you can have a single pane of glass and track your migration using service-level KPIs
Here's an article that might be useful about hybrid cloud monitoring: www.zen-networks.ma
There are a lot of Best practices that need to be done when it comes down to AWS Monitoring. A few of them listed below.
1. Users activity monitoring
Cloud trail and IAM roles monitoring
Activity Monitoring to avoid any inconsequence failures
2. EC2/LB/ASG monitoring
Cloud watch / Insight/ Matrics alerting and monitoring to troubleshoot/and also log forwarder to an external agent for application-level monitoring
3. Metrics of SQS/SNS monitoring
Cloud watch Metrics/ Insight/ Matrics alerting and monitoring to troubleshoot
4. Lambda and SFTP monitoring
Cloud watch Metrics/ Insight/ Matrics alerting and monitoring to troubleshoot
I hope this helps.
For cloud monitoring we MUST get next information:
- CPU/vCPU metrics (Utilization, min/max Average etc)
- Memory metrics (Utilization, min/max Average etc)
- Volumes metrics
- Ports and interfaces status
- Response Time
- Packet loss and network latency
Avoid using the root account, the first account created on the AWS and that has administrative rights, and how monitoring should be established for when it is used.
Force the use of a second authentication factor (MFA - Multi Factor Authentication) to access the AWS console.
Disable access to unused credentials 90 days or more.
Rotation of Access Keys every 90 days or less.
Create strong password policies for IAM users.
Enable CloudTrail on all accounts.
Avoid and monitor the existence of Security Groups (SG) by releasing ingress / inbound access to port 22 or 3389 for any IP address (0.0.0.0/0).