Guidance for Observability on AWS

Overview

This Guidance helps you implement the observability capability in your cloud environment. Observability enables you to gather and analyze operational data about system and application activities. This includes the analysis of data to identify anomalies, indicators of compromise, performance, and configuration changes. Building observability into your cloud foundation will help you establish a reliable, secure, and scalable environment to deploy, operate, and govern your cloud workloads.

How it works

These technical details feature an architecture diagram to illustrate how to effectively use this solution. The architecture diagram shows the key components and their interactions, providing an overview of the architecture's structure and functionality step-by-step.

Architecture diagram

Step 1
Deploy and configure log analysis tools and filters to identify key events within your AWS Organization using sources from an AWS CloudTrail organization trail and events in Amazon EventBridge.
Step 2
Centralize log visibility across your AWS Organization using Amazon CloudWatch cross-account observability.
Step 3
Build CloudWatch metrics to filter and alert based on key performance indicators and operational events.
Step 4
Build and share dashboards and visualizations using CloudWatch, and set up CloudWatch alarms that notify you when resources reach a pre-defined threshold.
Step 5
Centralize persistent long-term log storage for CloudWatch logs, CloudTrail logs, and AWS Config logs so that retention lifecycle and cost can be managed in one place.
Step 6
Implement automated log archival by exporting CloudWatch logs to a centralized Amazon Simple Storage Service (Amazon S3) bucket.
Step 7
Centralize operational and security events across your AWS Organization by using EventBridge and EventBridge rules.
Step 8
Define EventBridge rules to send notifications to the team members who act on them, using Amazon Simple Notification Service (Amazon SNS) topics.
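The steps above describe a pipeline: CloudTrail events arrive in EventBridge, rules select the events that matter, metric filters turn matches into counts, alarms fire when a count crosses a threshold, and SNS delivers the notification. The following Python is an added example, not code from the Guidance or from AWS, that simulates those stages locally so that rule patterns and thresholds can be checked before they are deployed. It implements a subset of EventBridge event-pattern semantics (exact values, nested objects, and the exists, prefix and anything-but filters); the rule names, SNS topic ARNs, account id and all events are constructed samples.

```python
"""Local simulation of the filtering stages in the Guidance: an EventBridge
event-pattern matcher applied to CloudTrail events (steps 1 and 7), a
metric-filter count evaluated against a CloudWatch-style alarm threshold
(steps 3 and 4), and the SNS topic each rule routes to (step 8).
All events, rule names and ARNs below are constructed samples."""
from collections import Counter
from datetime import datetime, timezone

# Placeholder topic ARNs; the account id is not a real account.
SECURITY_TOPIC = "arn:aws:sns:us-east-1:111122223333:security-alerts"
OPS_TOPIC = "arn:aws:sns:us-east-1:111122223333:ops-alerts"


def _value_matches(allowed, value):
    """One entry of a pattern's value list against a concrete event value."""
    if isinstance(allowed, dict):                       # content filter
        if "exists" in allowed:
            return bool(allowed["exists"])              # the key is present here
        if "prefix" in allowed:
            return isinstance(value, str) and value.startswith(allowed["prefix"])
        if "anything-but" in allowed:
            return value not in allowed["anything-but"]
        return False
    return allowed == value                             # exact match


def pattern_matches(pattern, event):
    """Subset of EventBridge event-pattern semantics: every key in the pattern
    must be present in the event, a list means 'any of these values' and a
    nested dict recurses. Supports exists, prefix and anything-but filters."""
    for key, allowed in pattern.items():
        if key not in event:
            # a missing key only satisfies an explicit {"exists": false} filter
            if isinstance(allowed, list) and any(
                    isinstance(a, dict) and a.get("exists") is False for a in allowed):
                continue
            return False
        value = event[key]
        if isinstance(allowed, dict):
            if not isinstance(value, dict) or not pattern_matches(allowed, value):
                return False
        elif not any(_value_matches(a, value) for a in allowed):
            return False
    return True


# Constructed rules covering the event classes the Guidance names: indicators
# of compromise (root sign-in, failed logins) and configuration changes
# (tampering with the organization trail).
RULES = {
    "root-console-signin": {
        "pattern": {"detail-type": ["AWS Console Sign In via CloudTrail"],
                    "detail": {"userIdentity": {"type": ["Root"]}}},
        "topic": SECURITY_TOPIC},
    "cloudtrail-logging-changed": {
        "pattern": {"source": ["aws.cloudtrail"],
                    "detail-type": ["AWS API Call via CloudTrail"],
                    "detail": {"eventName": ["StopLogging", "DeleteTrail", "UpdateTrail"]}},
        "topic": SECURITY_TOPIC},
    "failed-console-login": {
        "pattern": {"detail-type": ["AWS Console Sign In via CloudTrail"],
                    "detail": {"responseElements": {"ConsoleLogin": ["Failure"]}}},
        "topic": OPS_TOPIC},
}


def route_event(event):
    """Names and SNS topics of every rule whose pattern matches this event."""
    return [(name, rule["topic"]) for name, rule in RULES.items()
            if pattern_matches(rule["pattern"], event)]


def alarm_periods(events, rule_name, threshold, period_seconds=300):
    """Metric filter + alarm: count events matching one rule per fixed period
    and return the ISO start time of each period whose count >= threshold."""
    pattern = RULES[rule_name]["pattern"]
    counts = Counter()
    for ev in events:
        if pattern_matches(pattern, ev):
            ts = datetime.fromisoformat(ev["time"].replace("Z", "+00:00"))
            bucket = int(ts.timestamp()) // period_seconds * period_seconds
            counts[bucket] += 1
    return [datetime.fromtimestamp(b, tz=timezone.utc).isoformat()
            for b in sorted(counts) if counts[b] >= threshold]


def _signin(time, identity_type, outcome):
    """Constructed CloudTrail console sign-in event in its EventBridge envelope."""
    return {"source": "aws.signin", "detail-type": "AWS Console Sign In via CloudTrail",
            "time": time, "account": "111122223333",
            "detail": {"eventName": "ConsoleLogin",
                       "userIdentity": {"type": identity_type},
                       "responseElements": {"ConsoleLogin": outcome}}}


SAMPLE_EVENTS = [                                       # constructed sample stream
    _signin("2024-05-01T10:00:05Z", "Root", "Success"),
    _signin("2024-05-01T10:01:00Z", "IAMUser", "Failure"),
    _signin("2024-05-01T10:02:30Z", "IAMUser", "Failure"),
    _signin("2024-05-01T10:03:10Z", "IAMUser", "Failure"),
    _signin("2024-05-01T10:07:45Z", "IAMUser", "Failure"),
    {"source": "aws.cloudtrail", "detail-type": "AWS API Call via CloudTrail",
     "time": "2024-05-01T10:04:00Z", "account": "111122223333",
     "detail": {"eventName": "StopLogging", "userIdentity": {"type": "IAMUser"},
                "requestParameters": {"name": "org-trail"}}},
    {"source": "aws.ec2", "detail-type": "AWS API Call via CloudTrail",
     "time": "2024-05-01T10:05:00Z", "account": "111122223333",
     "detail": {"eventName": "DescribeInstances", "userIdentity": {"type": "AssumedRole"}}},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["detail"]["eventName"], "->", route_event(ev) or "no rule")
    print("failed-login alarm periods:",
          alarm_periods(SAMPLE_EVENTS, "failed-console-login", 3))
```

Run as a script, the three failed logins between 10:01 and 10:03 land in one five-minute period and trip a threshold of 3, while the lone failure at 10:07 does not; the StopLogging call routes to the security topic and the DescribeInstances call matches nothing. The same JSON patterns can be pasted into an EventBridge rule once they behave as expected here, and the per-period count is what a CloudWatch metric filter and alarm compute for you in the deployed pipeline.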