AWS CloudWatch Agent<\/strong> is a software agent installed on servers or compute environments to collect telemetry and send it to Amazon CloudWatch.<\/p>\n\n\n\n It can collect:<\/p>\n\n\n\n AWS describes the CloudWatch Agent as a software component that collects metrics, logs, and traces<\/strong> from EC2 instances, on-premises servers, and containerized applications.<\/p>\n\n\n\n Some AWS metrics are available automatically. For example, EC2 sends CPU and network metrics to CloudWatch by default.<\/p>\n\n\n\n But some important metrics are not available by default<\/strong>, such as:<\/p>\n\n\n\n So, CloudWatch Agent is mainly used when you want deeper visibility inside the operating system and application<\/strong>, not just AWS infrastructure-level metrics.<\/p>\n\n\n\n CloudWatch Agent can collect server-level metrics such as:<\/p>\n\n\n\n This is very important for EC2 monitoring because EC2 does not automatically provide memory and disk space metrics.<\/p>\n\n\n\n CloudWatch Agent can collect log files and send them to CloudWatch Logs.<\/p>\n\n\n\n Examples:<\/p>\n\n\n\n You can configure the agent to collect custom metrics from:<\/p>\n\n\n\n Example custom metric use cases:<\/p>\n\n\n\n CloudWatch Agent can receive traces from applications using OpenTelemetry Protocol \/ OTLP<\/strong> and send them to AWS observability services.<\/p>\n\n\n\n This helps with distributed tracing, especially for microservices.<\/p>\n\n\n\n CloudWatch Agent can run on:<\/p>\n\n\n\n Example:<\/p>\n\n\n\n Before installation, check these items.<\/p>\n\n\n\n You need an EC2 instance, preferably Linux or Windows.<\/p>\n\n\n\n For beginner labs, use Amazon Linux 2, Amazon Linux 2023, Ubuntu, or Windows Server.<\/p>\n\n\n\n The EC2 instance needs an IAM role with permission to send data to CloudWatch.<\/p>\n\n\n\n Attach this AWS managed policy to the EC2 instance role:<\/p>\n\n\n\n If you are creating or storing configuration in Systems Manager Parameter Store, you may also need:<\/p>\n\n\n\n For most beginner labs, use:<\/p>\n\n\n\n For console-based installation, the EC2 instance should be managed by AWS Systems Manager<\/strong>.<\/p>\n\n\n\n That means:<\/p>\n\n\n\n For Amazon Linux and many Windows AMIs, SSM Agent is often already installed.<\/p>\n\n\n\n The instance must be able to reach:<\/p>\n\n\n\n This can be through:<\/p>\n\n\n\n There are two common ways to install CloudWatch Agent:<\/p>\n\n\n\n Since your students have AWS Console access only<\/strong>, the best method is:<\/p>\n\n\n\n Install CloudWatch Agent using AWS Systems Manager Run Command from the AWS Console.<\/p>\n<\/blockquote>\n\n\n\n Install CloudWatch Agent on an EC2 instance without using CLI or SSH.<\/p>\n\n\n\n If no role exists, your instructor or admin must create one.<\/p>\n\n\n\n Required policies:<\/p>\n\n\n\n If the instance does not appear:<\/p>\n\n\n\n Common failure reasons:<\/p>\n\n\n\n Installing the agent is not enough. You must configure what it should collect.<\/p>\n\n\n\n The CloudWatch Agent configuration is a JSON file<\/strong> that defines:<\/p>\n\n\n\n AWS documentation states that before running the agent, you must create one or more configuration files, and the file specifies metrics, logs, and traces to collect.<\/p>\n\n\n\n There are several ways to create the configuration. For beginner training, the easiest is:<\/p>\n\n\n\n Use the CloudWatch Agent configuration wizard through Systems Manager or create a simple JSON configuration manually.<\/p>\n<\/blockquote>\n\n\n\n Since you asked for a complete guide, below is a beginner-friendly configuration example.<\/p>\n\n\n\n This example collects:<\/p>\n\n\n\n For Ubuntu, replace:<\/p>\n\n\n\n with:<\/p>\n\n\n\n This example collects:<\/p>\n\n\n\n For console-based labs, storing configuration in Parameter Store is useful because Systems Manager can apply it to EC2 instances.<\/p>\n\n\n\n After installing the agent and creating configuration, start the agent with Systems Manager Run Command.<\/p>\n\n\n\n This command applies the configuration and starts or restarts the CloudWatch Agent.<\/p>\n\n\n\nTelemetry<\/th> Example<\/th><\/tr><\/thead> Metrics<\/td> CPU, memory, disk, network, process metrics<\/td><\/tr> Logs<\/td> Application logs, system logs, web server logs<\/td><\/tr> Traces<\/td> Application traces using OpenTelemetry or X-Ray-compatible tracing<\/td><\/tr> Custom metrics<\/td> Business or application-level metrics<\/td><\/tr> StatsD metrics<\/td> Metrics from apps using StatsD<\/td><\/tr> collectd metrics<\/td> Metrics from collectd plugins<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n2. Why Do We Need CloudWatch Agent?<\/h1>\n\n\n\n
Metric<\/th> Available by Default?<\/th> Needs CloudWatch Agent?<\/th><\/tr><\/thead> EC2 CPU utilization<\/td> Yes<\/td> No<\/td><\/tr> EC2 network in\/out<\/td> Yes<\/td> No<\/td><\/tr> EC2 disk read\/write<\/td> Yes<\/td> No<\/td><\/tr> EC2 memory usage<\/td> No<\/td> Yes<\/td><\/tr> EC2 disk space usage<\/td> No<\/td> Yes<\/td><\/tr> Application log files<\/td> No<\/td> Yes<\/td><\/tr> Custom app metrics<\/td> No<\/td> Yes<\/td><\/tr> Process-level metrics<\/td> No<\/td> Yes<\/td><\/tr> On-prem server metrics<\/td> No<\/td> Yes<\/td><\/tr> OpenTelemetry traces<\/td> No<\/td> Yes \/ collector setup<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n3. CloudWatch Agent Capabilities<\/h1>\n\n\n\n
3.1 Collect System Metrics<\/h2>\n\n\n\n
Category<\/th> Example Metrics<\/th><\/tr><\/thead> CPU<\/td> cpu_usage_idle, cpu_usage_user, cpu_usage_system<\/td><\/tr> Memory<\/td> mem_used_percent, mem_available<\/td><\/tr> Disk<\/td> disk_used_percent, disk_free<\/td><\/tr> Disk I\/O<\/td> reads, writes, read bytes, write bytes<\/td><\/tr> Network<\/td> bytes sent, bytes received, packets<\/td><\/tr> Swap<\/td> swap_used_percent<\/td><\/tr> Processes<\/td> process count, process CPU, process memory<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n3.2 Collect Logs<\/h2>\n\n\n\n
Source<\/th> Example Log Path<\/th><\/tr><\/thead> Linux system log<\/td> \/var\/log\/messages<\/code><\/td><\/tr>Ubuntu system log<\/td> \/var\/log\/syslog<\/code><\/td><\/tr>Application log<\/td> \/opt\/app\/logs\/app.log<\/code><\/td><\/tr>Nginx access log<\/td> \/var\/log\/nginx\/access.log<\/code><\/td><\/tr>Nginx error log<\/td> \/var\/log\/nginx\/error.log<\/code><\/td><\/tr>Apache logs<\/td> \/var\/log\/httpd\/access_log<\/code><\/td><\/tr>Windows Event Logs<\/td> Application, System, Security<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n3.3 Collect Custom Metrics<\/h2>\n\n\n\n
\n
\n
\n\n\n\n3.4 Collect Traces<\/h2>\n\n\n\n
\n\n\n\n3.5 Support Multiple Environments<\/h2>\n\n\n\n
Environment<\/th> Supported?<\/th><\/tr><\/thead> Amazon EC2 Linux<\/td> Yes<\/td><\/tr> Amazon EC2 Windows<\/td> Yes<\/td><\/tr> On-premises Linux servers<\/td> Yes<\/td><\/tr> On-premises Windows servers<\/td> Yes<\/td><\/tr> Containerized workloads<\/td> Yes<\/td><\/tr> Hybrid environments<\/td> Yes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n4. High-Level Architecture<\/h1>\n\n\n\n
EC2 \/ Server \/ Container\n |\n | CloudWatch Agent\n v\nAmazon CloudWatch\n |\n |-- Metrics\n |-- Logs\n |-- Traces\n |-- Alarms\n |-- Dashboards\n<\/code><\/pre>\n\n\n\nLinux EC2 Instance\n \u251c\u2500\u2500 CPU metrics\n \u251c\u2500\u2500 Memory metrics\n \u251c\u2500\u2500 Disk metrics\n \u251c\u2500\u2500 \/var\/log\/messages\n \u251c\u2500\u2500 \/var\/log\/nginx\/access.log\n \u2514\u2500\u2500 Application logs\n |\n v\nCloudWatch Agent\n |\n v\nCloudWatch Metrics + CloudWatch Logs\n<\/code><\/pre>\n\n\n\n
\n\n\n\n5. Prerequisites Before Installing CloudWatch Agent<\/h1>\n\n\n\n
5.1 EC2 Instance Must Exist<\/h2>\n\n\n\n
\n\n\n\n5.2 IAM Role Is Required<\/h2>\n\n\n\n
CloudWatchAgentServerPolicy\n<\/code><\/pre>\n\n\n\nCloudWatchAgentAdminPolicy\n<\/code><\/pre>\n\n\n\nUse Case<\/th> IAM Policy<\/th><\/tr><\/thead> Agent sends metrics\/logs to CloudWatch<\/td> CloudWatchAgentServerPolicy<\/td><\/tr> Admin creates\/stores agent config<\/td> CloudWatchAgentAdminPolicy<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n5.3 Systems Manager Agent Recommended<\/h2>\n\n\n\n
\n
\n\n\n\n5.4 Network Access<\/h2>\n\n\n\n
\n
\n
\n\n\n\n6. Installation Methods<\/h1>\n\n\n\n
Method<\/th> Best For<\/th><\/tr><\/thead> AWS Systems Manager console<\/td> Console-only labs and managed EC2<\/td><\/tr> Manual server installation<\/td> When you have SSH\/RDP access<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n \n
\n\n\n\n7. Step-by-Step: Install CloudWatch Agent Using AWS Console<\/h1>\n\n\n\n
Goal<\/h2>\n\n\n\n
\n\n\n\nStep 1: Attach IAM Role to EC2<\/h2>\n\n\n\n
\n
CloudWatchAgentServerPolicy\nAmazonSSMManagedInstanceCore\n<\/code><\/pre>\n\n\n\nPolicy<\/th> Purpose<\/th><\/tr><\/thead> AmazonSSMManagedInstanceCore<\/td> Allows Systems Manager to manage the instance<\/td><\/tr> CloudWatchAgentServerPolicy<\/td> Allows CloudWatch Agent to publish metrics and logs<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\nStep 2: Confirm Instance Appears in Systems Manager<\/h2>\n\n\n\n
\n
\n
\n\n\n\nStep 3: Use Run Command to Install Agent<\/h2>\n\n\n\n
\n
AWS-ConfigureAWSPackage\n<\/code><\/pre>\n\n\n\n\n
Field<\/th> Value<\/th><\/tr><\/thead> Action<\/td> Install<\/td><\/tr> Name<\/td> AmazonCloudWatchAgent<\/td><\/tr> Version<\/td> latest<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n \n
\n\n\n\nStep 4: Verify Installation<\/h2>\n\n\n\n
\n
Success\n<\/code><\/pre>\n\n\n\n\n
Error Type<\/th> Possible Cause<\/th><\/tr><\/thead> Instance not listed<\/td> Not managed by Systems Manager<\/td><\/tr> Access denied<\/td> IAM role missing permissions<\/td><\/tr> Timeout<\/td> Network issue<\/td><\/tr> Package failure<\/td> OS\/package issue<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n
\n\n\n\n8. Configure CloudWatch Agent<\/h1>\n\n\n\n
\n
\n\n\n\n9. Step-by-Step: Create Agent Configuration Using Console and Wizard<\/h1>\n\n\n\n
\n
\n\n\n\n10. Simple Linux CloudWatch Agent Configuration<\/h1>\n\n\n\n
\n
{\n \"agent\": {\n \"metrics_collection_interval\": 60,\n \"run_as_user\": \"root\"\n },\n \"metrics\": {\n \"namespace\": \"CWAgent\",\n \"append_dimensions\": {\n \"InstanceId\": \"${aws:InstanceId}\",\n \"InstanceType\": \"${aws:InstanceType}\",\n \"AutoScalingGroupName\": \"${aws:AutoScalingGroupName}\"\n },\n \"metrics_collected\": {\n \"cpu\": {\n \"measurement\": [\n \"cpu_usage_idle\",\n \"cpu_usage_user\",\n \"cpu_usage_system\"\n ],\n \"metrics_collection_interval\": 60,\n \"totalcpu\": true\n },\n \"mem\": {\n \"measurement\": [\n \"mem_used_percent\",\n \"mem_available\"\n ],\n \"metrics_collection_interval\": 60\n },\n \"disk\": {\n \"measurement\": [\n \"used_percent\",\n \"free\"\n ],\n \"metrics_collection_interval\": 60,\n \"resources\": [\n \"*\"\n ]\n },\n \"swap\": {\n \"measurement\": [\n \"swap_used_percent\"\n ],\n \"metrics_collection_interval\": 60\n }\n }\n },\n \"logs\": {\n \"logs_collected\": {\n \"files\": {\n \"collect_list\": [\n {\n \"file_path\": \"\/var\/log\/messages\",\n \"log_group_name\": \"\/aws\/ec2\/system\/messages\",\n \"log_stream_name\": \"{instance_id}\"\n },\n {\n \"file_path\": \"\/var\/log\/cloud-init.log\",\n \"log_group_name\": \"\/aws\/ec2\/system\/cloud-init\",\n \"log_stream_name\": \"{instance_id}\"\n }\n ]\n }\n }\n }\n}\n<\/code><\/pre>\n\n\n\n\/var\/log\/messages\n<\/code><\/pre>\n\n\n\n\/var\/log\/syslog\n<\/code><\/pre>\n\n\n\n
\n\n\n\n11. Simple Windows CloudWatch Agent Configuration<\/h1>\n\n\n\n
\n
{\n \"agent\": {\n \"metrics_collection_interval\": 60\n },\n \"metrics\": {\n \"namespace\": \"CWAgent\",\n \"append_dimensions\": {\n \"InstanceId\": \"${aws:InstanceId}\",\n \"InstanceType\": \"${aws:InstanceType}\"\n },\n \"metrics_collected\": {\n \"Processor\": {\n \"measurement\": [\n \"% Processor Time\"\n ],\n \"resources\": [\n \"*\"\n ],\n \"metrics_collection_interval\": 60\n },\n \"Memory\": {\n \"measurement\": [\n \"% Committed Bytes In Use\"\n ],\n \"metrics_collection_interval\": 60\n },\n \"LogicalDisk\": {\n \"measurement\": [\n \"% Free Space\"\n ],\n \"resources\": [\n \"*\"\n ],\n \"metrics_collection_interval\": 60\n }\n }\n },\n \"logs\": {\n \"logs_collected\": {\n \"windows_events\": {\n \"collect_list\": [\n {\n \"event_name\": \"System\",\n \"event_levels\": [\n \"ERROR\",\n \"WARNING\"\n ],\n \"log_group_name\": \"\/aws\/ec2\/windows\/system\",\n \"log_stream_name\": \"{instance_id}\"\n },\n {\n \"event_name\": \"Application\",\n \"event_levels\": [\n \"ERROR\",\n \"WARNING\"\n ],\n \"log_group_name\": \"\/aws\/ec2\/windows\/application\",\n \"log_stream_name\": \"{instance_id}\"\n }\n ]\n }\n }\n }\n}\n<\/code><\/pre>\n\n\n\n
\n\n\n\n12. Store Agent Configuration in Systems Manager Parameter Store<\/h1>\n\n\n\n
Steps<\/h2>\n\n\n\n
\n
\/AmazonCloudWatch\/linux-basic-config\n<\/code><\/pre>\n\n\n\n\n
String\n<\/code><\/pre>\n\n\n\n\n
text\n<\/code><\/pre>\n\n\n\n\n
\n\n\n\n13. Start CloudWatch Agent Using Console<\/h1>\n\n\n\n
Steps<\/h2>\n\n\n\n
\n
AmazonCloudWatch-ManageAgent\n<\/code><\/pre>\n\n\n\n\n
Parameter<\/th> Value<\/th><\/tr><\/thead> Action<\/td> configure<\/td><\/tr> Mode<\/td> ec2<\/td><\/tr> Optional Configuration Source<\/td> ssm<\/td><\/tr> Optional Configuration Location<\/td> \/AmazonCloudWatch\/linux-basic-config<\/code><\/td><\/tr>Optional Restart<\/td> yes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n \n
Success\n<\/code><\/pre>\n\n\n\n
\n\n\n\n14. Verify Metrics in CloudWatch<\/h1>\n\n\n\n
Steps<\/h2>\n\n\n\n
\n
CWAgent\n<\/code><\/pre>\n\n\n\n\n
\n