Table of Contents
“Why don’t I see my application logs in CloudWatch?”
That was the question bugging Arjun, again. His EC2 instance was running fine, but CloudWatch looked empty. No logs. No memory usage. No granular CPU stats.
Until he discovered CloudWatch Agent — the bridge between your EC2 instance and CloudWatch magic.
💭 First, the Problem
By default, EC2 instances don’t send logs or detailed system metrics to CloudWatch.
- You won’t see your
/var/log/app.login CloudWatch Logs. - You won’t get memory or disk space metrics in CloudWatch Metrics.
So how do you fix that?
You install a small agent inside your EC2. That’s it.
🛠️ What is the CloudWatch Agent?
Think of the CloudWatch Agent as your instance’s personal messenger to CloudWatch.
It collects:
- 🔹 Logs (like application or system logs)
- 🔹 Metrics (like RAM usage, disk I/O, network stats)
And sends them to CloudWatch in near real-time.
There are two types of agents:
| Agent Type | Purpose | Status |
| CloudWatch Logs Agent | Sends only logs | Old |
| CloudWatch Unified Agent | Sends logs + metrics | New & Recommended ✅ |
🚀 Arjun’s Setup Story
Let’s walk through how Arjun set it up:
🧱 Step 1: Attach IAM Role
Arjun created an IAM Role with CloudWatchAgentServerPolicy and attached it to his EC2 instance.
🔐 This gave permission for the agent to push logs and metrics to CloudWatch.
🧩 Step 2: Install the Agent
He used the official CloudWatch Agent installation script for Amazon Linux 2.CopyCopy
sudo yum install amazon-cloudwatch-agent
🧰 Step 3: Configure It
Arjun chose CloudWatch Unified Agent, which can be configured in two ways:
- Using a JSON file locally
- Or more elegantly, from SSM Parameter Store for centralized setup!
SSM config? Yes — with Unified Agent, he could control multiple agents from one place. No more SSH-ing into 10 servers.
📦 What Did He Get?
After setup, Arjun’s CloudWatch dashboard transformed:
📄 Logs:
/var/log/syslog/home/app/error.log- Custom logs from his app
📊 Metrics:
| Type | Examples |
| CPU | user, system, idle, steal |
| RAM | free, used, cache, active |
| Disk I/O | reads/sec, writes/sec, bytes |
| Network | TCP/UDP connections, packets, errors |
| Processes | running, sleeping, dead |
| Swap | usage, percentage |
And guess what? EC2’s default CloudWatch metrics don’t even include memory or swap. You need this agent for those!
💡 Bonus: Works On-Prem Too
Running a server on-premises?
Yes, Arjun did that too. He installed the same Unified Agent on a Linux VM in his local data center — and logs flowed into AWS CloudWatch.
CloudWatch doesn’t care where the server is — as long as the agent is installed and has permissions.
🎓 SAA Exam Tip
✅ Unified CloudWatch Agent = Logs + Granular Metrics + SSM Support
❌ Old Logs Agent = Logs only, no metrics, no SSM
✅ You must give EC2 instances the right IAM role
✅ Works on EC2 or on-prem VMs
🧘 Arjun’s Takeaway
Before the agent, he was blind. After it, he had superpowers.
So next time you’re not seeing logs or memory stats from EC2, remember:
Install the CloudWatch Unified Agent.
FAQ
Q1. What is the CloudWatch Agent?
The CloudWatch Agent is a tool that collects logs and metrics (like memory, disk, and network) from your EC2 instances or on-prem servers and sends them to Amazon CloudWatch.
Q2. How do I install the CloudWatch Agent on EC2?
Attach the IAM role with CloudWatchAgentServerPolicy, then install it using sudo yum install amazon-cloudwatch-agent on Amazon Linux 2.
Q3. What’s the difference between CloudWatch Logs Agent and CloudWatch Unified Agent?
The old Logs Agent only sends logs. The Unified CloudWatch Agent collects both logs and detailed system metrics and supports centralized configuration via SSM — making it the recommended choice.
Q4. Can I use CloudWatch Agent on on-prem servers?
Yes. You can install it on Linux or Windows VMs outside AWS. As long as the agent has valid AWS credentials, logs and metrics will flow into CloudWatch.
Read More on AWS Monitoring
- Amazon CloudWatch Logs Insights: A Beginner’s Guide
- Difference between AWS CloudWatch, CloudTrail and Config
- Understanding AWS EventBridge: The Automation Service Explained
- Understanding AWS CloudWatch Alarms: Listen to Your Cloud Signals
- How CloudWatch Agent Completes EC2 Monitoring: A Comprehensive Guide
- Understanding Live Tail in Amazon CloudWatch Logs
- Master AWS Resource Monitoring with CloudWatch Metrics
- An Introduction to CloudWatch Logs: What You Need to Know
- Understanding Amazon CloudWatch: A Comprehensive Guide
