- Install the unified CloudWatch agent on Windows EC2 instances - Mon, Nov 28 2022
In this guide, we are going to use AWS Systems Manager for installing the agent and storing the configuration file in the Parameter Store.
Create the IAM role
We need to create an IAM role with the policies AmazonEC2RoleforSSM, CloudWatchAgentAdmin, and CloudWatchAgentServer attached, and then attach that role to the EC2 instance we are about to create.
The AmazonEC2RoleforSSM policy allows the instances to communicate with the Systems Manager API so that Systems Manager can install and configure the CloudWatch agent.
The CloudWatchAgentServer policy provides permissions to read information from instances and write to the CloudWatch service.
The CloudWatchAgentAdmin policy provides permission to read information from an instance and write it to CloudWatch, with additional permission to write to the SSM Parameter Store. Be careful with this policy: assign it only to the instance that is going to save the configuration file in the Parameter Store.
Adding the required permissions to the IAM role
Create an EC2 Windows instance and install IIS
The following PowerShell commands will help you install IIS and configure a default website.
You can use the script either together with the User Data section while launching the instance or after creating the instance.
<powershell>
# Install the IIS web server role together with its management tools
Install-WindowsFeature -Name Web-Server -IncludeManagementTools
# Create the default home page served by IIS
New-Item -Path C:\inetpub\wwwroot\index.html -ItemType File -Value "Welcome to the IIS Webserver Home Page" -Force
</powershell>
Launch the EC2 instance using the free tier eligible Windows Server 2022 Full image.
When configuring the EC2 instance, choose the IAM role EC2roleforSSM from the dropdown list (see screenshot below), which you have already created. Include the above PowerShell script under User Data. If you don't have a key pair, create one.
After creating the instance, wait until it is running and its health checks have completed. When the instance is running, use the key pair to obtain the instance's administrator password. Once you have successfully logged into the instance, launch a web browser and type in http://localhost to see a welcome message from the IIS web server.
Download and install the unified CloudWatch agent
Next, we use AWS Systems Manager to install the CloudWatch agent.
Go to the AWS Systems Manager > Fleet Manager. The server will appear under Managed nodes.
In Systems Manager, click the Run Command button. Choose the AWS-ConfigureAWSPackage document, and for the Name command parameter, type AmazonCloudWatchAgent (case-sensitive). Select your instance, and then click Run. As a result, the agent will be installed on the instance.
Create a configuration file and save it to the AWS Parameter Store
After the successful installation of the CloudWatch agent, look for the CloudWatch installation wizard, which can be found on the server in the following location:
C:\Program Files\Amazon\AmazonCloudWatchAgent
We need this CloudWatch installation wizard to create the configuration file.
Log in to the EC2 instance, open a terminal, and navigate to the CloudWatch installation wizard.
cd "C:\Program Files\Amazon\AmazonCloudWatchAgent"
Then execute the command amazon-cloudwatch-agent-config-wizard to run the Amazon CloudWatch configuration wizard. To accept the default settings, you just have to press Enter.
Predefined metrics that you can monitor with CloudWatch are configured in the wizard with different levels of detail. For the default metrics, choose Option 2 to select Standard. In the Standard option, there are metrics included for memory, paging, processor, logical disk, and physical disk.

For the default choices, press Enter. For the default metrics configuration, I chose Standard (number 2).
In the next step, you'll be asked to monitor any customized log files. Press Enter to choose the default option. Because we want to monitor IIS log files in our example, you have to choose a log file path such as C:\Inetpub\logs\LogFiles\W3SVC1\*.log, and you have to give it the log group name (IIS-LOG-Files).
We also want to monitor Windows system logs. Follow the steps given in the screenshots, and choose the XML format in Windows Event Viewer to store the Windows Events in the CloudWatch logs.
If you want to specify additional log files to monitor, then choose Option 2.
In the final step, save the configuration file to a Parameter Store.
The Parameter Store of AWS Systems Manager contains the location of your configuration file.
See the screenshot below for additional details.
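The log choices made in the wizard end up in the `logs` section of the agent configuration. The following is an added example, not part of the original guide: the JSON is a constructed sample of that section (the `event_levels` and `log_stream_name` values are assumptions), and `Test-AgentLogConfig` is a hypothetical helper that checks a configuration for the IIS and System log collection described above.

```powershell
# Constructed sample: "logs" section for the choices described in this guide.
$configJson = @'
{
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          { "file_path": "C:\\Inetpub\\logs\\LogFiles\\W3SVC1\\*.log",
            "log_group_name": "IIS-LOG-Files",
            "log_stream_name": "{instance_id}" }
        ]
      },
      "windows_events": {
        "collect_list": [
          { "event_name": "System",
            "event_levels": ["INFORMATION", "WARNING", "ERROR", "CRITICAL"],
            "event_format": "xml",
            "log_group_name": "System",
            "log_stream_name": "{instance_id}" }
        ]
      }
    }
  }
}
'@

# Hypothetical helper: returns a list of problems, empty when the config is complete.
function Test-AgentLogConfig {
    param([Parameter(Mandatory)][string]$Json)
    $problems = @()
    $collected = ($Json | ConvertFrom-Json).logs.logs_collected
    # IIS site logs live under ...\LogFiles\W3SVC<site id>\*.log
    $iis = @($collected.files.collect_list | Where-Object { $_.file_path -like '*\W3SVC*\*.log' })
    if ($iis.Count -eq 0) { $problems += 'no IIS log path (W3SVC*) is collected' }
    $sys = @($collected.windows_events.collect_list | Where-Object { $_.event_name -eq 'System' })
    if ($sys.Count -eq 0) { $problems += 'the Windows System event log is not collected' }
    foreach ($e in $sys) {
        if ($e.event_format -ne 'xml') { $problems += 'System events are not stored in XML format' }
    }
    # Every collected source needs a destination log group.
    foreach ($e in $iis + $sys) {
        if (-not $e.log_group_name) { $problems += 'a collected source has no log_group_name' }
    }
    return ,$problems
}

$problems = Test-AgentLogConfig -Json $configJson
if ($problems.Count -eq 0) { 'IIS and System logs are collected as described.' } else { $problems }
```

To check the copy saved by the wizard instead of the sample, pass the output of `aws ssm get-parameter --name AmazonCloudWatch-windows --query Parameter.Value --output text` to the function.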
Configure the CloudWatch agent
In AWS Systems Manager, open Run Command, choose AmazonCloudWatch-ManageAgent, and in the command parameters section, type the parameter name AmazonCloudWatch-windows (see the screenshots for additional details). Click Run command to execute it.
Now our configuration is complete.
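The two Run Command steps above can also be scripted with the AWS CLI, which makes the rollout repeatable and reviewable. This is an added example, not part of the original guide; it assumes the AWS CLI is installed with credentials allowed to use Systems Manager, and `$InstanceId` and the `Invoke-SsmDocument` helper are hypothetical names.

```powershell
# Assumed placeholder: replace with the ID of the instance shown under Managed nodes.
$InstanceId = 'i-EXAMPLE'

# Hypothetical helper: runs an SSM document on the instance and returns the final status.
function Invoke-SsmDocument {
    param([string]$Document, [string]$Parameters)
    # send-command returns a command ID that identifies this invocation.
    $commandId = aws ssm send-command --document-name $Document `
        --instance-ids $InstanceId --parameters $Parameters `
        --query 'Command.CommandId' --output text
    if ($LASTEXITCODE -ne 0) { throw "send-command failed for $Document" }
    # Wait for the invocation to finish, then report its status (for example, Success or Failed).
    aws ssm wait command-executed --command-id $commandId --instance-id $InstanceId
    aws ssm get-command-invocation --command-id $commandId --instance-id $InstanceId `
        --query 'Status' --output text
}

# Step 1: install the agent package (the package name is case-sensitive).
Invoke-SsmDocument 'AWS-ConfigureAWSPackage' 'action=Install,name=AmazonCloudWatchAgent'

# Step 2: run only after the wizard has saved the configuration to Parameter Store.
# Loads the AmazonCloudWatch-windows parameter and restarts the agent.
Invoke-SsmDocument 'AmazonCloudWatch-ManageAgent' `
    'action=configure,mode=ec2,optionalConfigurationSource=ssm,optionalConfigurationLocation=AmazonCloudWatch-windows,optionalRestart=yes'

# On the instance itself, confirm that the agent is running:
# & 'C:\Program Files\Amazon\AmazonCloudWatchAgent\amazon-cloudwatch-agent-ctl.ps1' -a status
```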
Monitoring metrics with CloudWatch
Navigate to CloudWatch > Log groups > IIS-Log-Files to view the IIS logs with CloudWatch. The system logs can be found in CloudWatch > Log groups > System. The dashboard summarizes all your monitored logs.
CloudWatch Logs Insights allows you to explore and analyze your data in Amazon CloudWatch Logs interactively.
Conclusion
When any issues occur, you can use queries to identify potential causes quickly. You can also visualize your log data to gain more insight. You just saw how easy it is to set up and deploy the agent, collect metrics and logs from your EC2 instances, and provide actionable data.
I would like to remind you to delete all the resources you have created for this project to avoid any additional charges from Amazon Web Services. If you have any questions, please feel free to leave a comment below.