Running servers in on-prem data center may mean having an infrastructure-monitoring solution that runs alongside each server. This solution often consumes just as many resources as the application it’s supposed to be monitoring!
CloudWatch is an AWS service that captures the logs and server metrics from various sources. CloudWatch collects information from resources like EC2 (Elastic Compute Cloud) instances or on-prem servers. It then consolidates them into one central location in AWS.
By the end of this tutorial, you’ll be able to install the AWS CloudWatch agent on a Windows EC2 instance and configure it to send logs into CloudWatch.
Prerequisites
To follow along, you’ll need the following:
An AWS Account A 64-bit Windows Server EC2 instance OR an on-prem server running Server 2008 or later The key file associated with the instance (EC2 instances only)
Connecting to a Windows EC2 Instance
The first step in setting up CloudWatch is installing the CloudWatch agent. The agent is what sends information back to AWS that your server generates. Before you can do that though, you first need to connect to your Windows EC2 instance.
To connect to a Windows EC2 instance, you’ll need to get two pieces of information from the EC2 section in your AWS console for the Windows instance you want to login to: the Public DNS name and the key file associated with the instance.
Once you have those, go into the EC2 service from the AWS console, right-click on the instance, then select “Get Windows Password.” Once here, you’ll be prompted for the key file, and if you have the correct one, it will get you to the screen below.
That being said, if you are able to retrieve the Windows password, copy it and save it for later in a password manager. Now, open a remote desktop client and log in to the server by using the Public DNS name from earlier with the credentials above. If you did everything correctly, you should see a familiar sight: The Windows server desktop.
Installing the CloudWatch Agent
Start by opening a PowerShell window on your EC2 instance and entering the commands below. The first command will download the CloudWatch installer to the local user profile and the second will execute the installer.
Once the installer has been run, you’ll notice that a new Windows service for CloudWatch is installed on the server. This service is what allows CloudWatch to run in the background collecting the information it needs to.
Confirm that the service has been installed and is not running by using the Get-Service cmdlet in the screenshot below. Don’t start it yet, you’ll need to configure it first, which you’ll do that in the next section.
Configuring CloudWatch
By default, the wizard saves the config file to the user profile as config.json, but it’s also possible to save them to the AWS Systems Manager. The Systems Manager will allow you to have the same configuration versioned and easily accessible to several instances at a time, but requires that the AWS configuration is done for each of those instances.
Following is a sample configuration file generated by the wizard. Your file might be a little different; the file below is only a basic example.
Starting the CloudWatch Agent
If you now rerun the Get-Service cmdlet from earlier, you will see that the CloudWatch agent service is now running as shown below.
Additionally, if you go to the CloudWatch page in the AWS console, under the “Metrics” section on the left, select the “All-Metrics” tab, then go under All > EC2 > Per-Instance Metrics, you will see your instance metrics reporting to CloudWatch as shown below.
Conclusion
You should now be able to set up AWS CloudWatch on Windows EC2 instances. With some small changes to the commands, the same process will work for on-prem servers, too. From here, you can set up alarms to alert you if something goes wrong, log groups to aggregate application logs from your servers, and automate the installation of the CloudWatch agent using PowerShell.