Is there a way where we can check how many S3 List requests are happening on a bucket
The general solution on AWS to finding out what is going on at the API level is to use CloudTrail.
See Logging Amazon S3 API Calls by Using AWS CloudTrail.
This can be done by enabling the request metrics on S3 bucket by using CloudWatch service. The metrics are available at 1-minute intervals after some latency to process. These CloudWatch metrics are billed at the same rate as the Amazon CloudWatch Custom Metrics.
You can refer this Document to Configure Request Metrics for an S3 Bucket.
Related
I'm working on Centralized Logging of my environnement AWS presented in this guide:https://docs.aws.amazon.com/solutions/latest/centralized-logging/overview.html
I'm using the same architecture as presented in AWS Doc.
I'm searching the possibility to send metrics from CloudWatch of each account to OpenSearch in centralized account. I was thinking of a Lambda function that retrieves each X minutes the data with get_metric_data ? I'm collecting the metrics with CloudWatch Agent
Is there an another method to do it ?
Thank you
I have a question about streaming CloudFront logs to CloudWatch. I know that it is possible to save CloudFront logs to S3 bucket and later, I can use lambda function which can be triggered by S3 to send logs to CloudWatch. There is also a possibility to look at streamed logs using Amazon Kinesis Data Streams. However I want to know that if some CloudFront configurations exist to send the logs to CloudWatch. Helpful answers are appreciated. Thanks in advance!
Suppose multiple aws services are running (like EC2,S3) and If someone changes the configuration of these services , I want to know immediately and want to pull the updated configuration. So how can i listen to these services to pull configuration immediately . I went through couple of options like aws SNS and all. But i don't want to implement this using any aws services for this.
I am using spring boot application. Any help is appreciated , Thanks in advance.
The two services you should be interested in are:
AWS CloudTrail:
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.
AWS Config:
AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
You can also configure Amazon CloudWatch Events rules that trigger when a particular API call is made (eg when a user changes some configuration). This could trigger a notification, a Lambda function, etc.
See:
Creating a CloudWatch Events Rule That Triggers on an AWS API Call Using AWS CloudTrail - Amazon CloudWatch Events
How to monitor AWS account activity with Cloudtrail, Cloudwatch Events and Serverless
I need a way to log API gateway deployments (date/time, user, swagger diff etc.). Is there an event thats fired that i can attach a lambda to, or alternatively is this information already available on the dashboard somewhere?
As Krishna mentioned, CloudTrail can capture API events (both from the AWS console as well as the AWS APIs) for API Gateway, including the deployment of APIs. Since CloudTrail stores the events in S3, you can take advantage of S3 bucket notifications as a means to trigger your Lambda function.
I have a DynamoDB application and it seems to be running well and using normal throughput generally. However once in a while it seems to spike pretty high (latest kicked up over 300, normal is around 10-20 max). I've looked through the code and I'm having a bit of trouble figuring out what it is that is causing these spikes. Is there any type of history of the calls in DynamoDB that could tell me what exactly were the calls that caused the spiking?
You can enable the cloudtrail logs for the dynamoDB.It will deliver these log files to S3 bucket. Taken directly from the AWS Docs :-
DynamoDB is integrated with CloudTrail, a service that captures
low-level API requests made by or on behalf of DynamoDB in your AWS
account and delivers the log files to an Amazon S3 bucket that you
specify. CloudTrail captures calls made from the DynamoDB console or
from the DynamoDB low-level API. Using the information collected by
CloudTrail, you can determine what request was made to DynamoDB, the
source IP address from which the request was made, who made the
request, when it was made, and so on. To learn more about CloudTrail,
including how to configure and enable it, see the AWS CloudTrail User
Guide.
Please follow the aws dynamoDB cloudtrail logging to enable it.