Implementing customized metrics by using CloudWatch

Task Statement 4.2: Validate and audit security by using network monitoring and logging services.

📘AWS Certified Advanced Networking – Specialty

1. What Are Customized (Custom) Metrics?

In Amazon CloudWatch, AWS services (like EC2, ELB, etc.) automatically send default metrics such as CPU utilization or network traffic.

However, in many real IT environments, these default metrics are not enough.

👉 Custom metrics are user-defined metrics that you create and send to CloudWatch to monitor specific application or network behavior.

2. Why Custom Metrics Are Important (Exam Point)

For the exam, remember this:

✔ Default metrics = basic infrastructure monitoring
✔ Custom metrics = deep visibility and security monitoring

Custom metrics help you:

  • Monitor application-level performance
  • Track security-related events
  • Measure network behavior not available by default
  • Create precise CloudWatch alarms

3. Common IT Use Cases (Important)

You should understand where custom metrics are used:

a) Application Monitoring

  • Number of failed login attempts
  • API request count
  • Application error rates

b) Network Monitoring

  • Dropped packets on a custom firewall
  • Latency between services
  • Custom throughput tracking

c) Security Monitoring

  • Unauthorized access attempts
  • Suspicious traffic patterns
  • Port scanning detection counters

4. How Custom Metrics Work

Basic Flow:

  1. Your application or system generates data
  2. You send the data to CloudWatch
  3. CloudWatch stores and processes it
  4. You create alarms or dashboards based on it

5. Ways to Send Custom Metrics to CloudWatch

1. Using CloudWatch Agent

  • Installed on EC2 or on-premises servers
  • Collects:
    • Memory usage
    • Disk usage
    • Application logs

✔ Very important for exam:
Default EC2 metrics do NOT include memory usage, so you must use an agent.

2. Using AWS CLI or SDK (PutMetricData API)

You can directly send custom metrics using:

  • AWS CLI
  • AWS SDK (Python, Java, etc.)

This uses the PutMetricData API

✔ Key exam keyword: PutMetricData

3. Using Logs → Metrics (Metric Filters)

You can convert logs into metrics.

Example:

  • Logs contain “ERROR”
  • Create a metric counting ERROR occurrences

✔ This is called a Metric Filter

4. Using Embedded Metric Format (EMF)

  • Application logs structured in JSON
  • Automatically converted into metrics

✔ Used in modern cloud-native applications

6. Components of a Custom Metric

Every custom metric includes:

a) Namespace

  • Logical container (like a folder)
  • Example: MyApp/Network

b) Metric Name

  • Name of the metric
  • Example: FailedLoginAttempts

c) Dimensions (Very Important for Exam)

  • Key-value pairs used to filter metrics

Example:

  • InstanceId = i-12345
  • Environment = Production

✔ Dimensions allow fine-grained monitoring

d) Timestamp

  • When the data was recorded

e) Value

  • Numeric value of the metric

7. Metric Resolution (High vs Standard)

Standard Resolution

  • 1-minute intervals

High Resolution (Important)

  • 1-second intervals

✔ Use high resolution when:

  • Monitoring critical systems
  • Detecting fast changes

✔ Exam tip: High resolution = higher cost

8. Creating Alarms Using Custom Metrics

Custom metrics can trigger CloudWatch alarms.

Example conditions:

  • Value > threshold
  • Value < threshold
  • Sudden spike

Alarm Actions:

  • Send notification (SNS)
  • Trigger Lambda
  • Auto scaling

✔ Very important for security automation

9. Aggregation and Statistics

CloudWatch can calculate:

  • Average
  • Sum
  • Minimum
  • Maximum
  • Sample count

✔ Helps analyze trends and detect anomalies

10. Integration with Other AWS Services

Custom metrics work with:

  • CloudWatch Dashboards → visualization
  • CloudWatch Alarms → alerting
  • AWS Lambda → automation
  • AWS Auto Scaling → scaling actions

11. Cost Considerations (Exam Important)

Custom metrics are not free.

Charges depend on:

  • Number of metrics
  • Frequency (resolution)
  • API calls

✔ Key idea:
High-resolution + many dimensions = higher cost

12. Best Practices (Highly Important for Exam)

1. Use Meaningful Names

  • Clear naming for metrics and namespaces

2. Limit Dimensions

  • Too many dimensions increase cost and complexity

3. Use Metric Filters for Logs

  • Efficient way to monitor logs without extra code

4. Use High Resolution Only When Needed

  • Avoid unnecessary cost

5. Monitor Security Events

  • Failed logins, unusual traffic, etc.

13. Common Exam Scenarios

You may see questions like:

Scenario 1:

Default metrics don’t include memory usage
✔ Solution: Use CloudWatch Agent

Scenario 2:

Need to count “ERROR” logs
✔ Solution: Use Metric Filter

Scenario 3:

Application sends custom performance data
✔ Solution: Use PutMetricData API

Scenario 4:

Need fast detection (seconds)
✔ Solution: Use High-resolution custom metrics

14. Key Terms to Remember

  • Custom Metrics
  • Namespace
  • Dimensions
  • PutMetricData
  • Metric Filters
  • CloudWatch Agent
  • High Resolution Metrics
  • Embedded Metric Format (EMF)

15. Final Summary (Quick Revision)

  • Custom metrics allow advanced monitoring beyond default AWS metrics
  • You can send them using:
    • Agent
    • API
    • Logs (metric filters)
  • They are essential for:
    • Security monitoring
    • Application performance
    • Network analysis
  • They integrate with alarms and automation
  • Must manage cost carefully
Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by