AWS EC2¶

Use the "TrueWatch Cloud Sync" script package in the script market to synchronize cloud monitoring and cloud asset data to TrueWatch

Configuration¶

Install Func¶

It is recommended to activate the TrueWatch Integration - Extensions - DataFlux Func (Automata): All prerequisites are automatically installed, please proceed with the script installation.

If you are deploying Func manually, refer to Manual Deployment of Func

Activate Script¶

Note: Please prepare the required Amazon AK in advance (for simplicity, you can directly grant global read-only permissions ReadOnlyAccess)

Activate Script in DataFlux Func (Automata)¶

Log in to the TrueWatch console
Click the 【Integration】 menu and select 【Cloud Account Management】
Click 【Add Cloud Account】, select 【AWS】, and fill in the required information on the interface. If you have already configured the cloud account information before, ignore this step
Click 【Test】, and after a successful test, click 【Save】. If the test fails, please check if the relevant configuration information is correct and test again
Click 【Cloud Account Management】, and you can see the added cloud account in the list. Click the corresponding cloud account to enter the details page
Click the 【Integration】 button on the cloud account details page, find AWS EC2 under the Not Installed list, and click the 【Install】 button to install it in the pop-up installation interface.

Activate Script Manually¶

Log in to the Func console, click on 【Script Market】, enter the TrueWatch script market, and search for: integration_aws_ec2
Click on 【Install】, and enter the corresponding parameters: AWS AK ID, AK Secret, and account name.
Click on 【Deploy Startup Script】, the system will automatically create a Startup script set and automatically configure the corresponding startup script.
After activation, you can see the corresponding automatic trigger configuration in 「Management / Automatic Trigger Configuration」. Click on 【Execute】 to execute it immediately without waiting for the scheduled time. After a while, you can view the execution task records and corresponding logs.

Verification¶

In 「Management / Automatic Trigger Configuration」, confirm whether the corresponding task has the corresponding automatic trigger configuration, and you can also check the corresponding task records and logs to see if there are any exceptions.
In TrueWatch, check whether the asset information exists in 「Infrastructure / Custom」.
In TrueWatch, check whether there is corresponding monitoring data in 「Metrics」.

Metrics¶

After configuring Amazon Cloud Monitoring, the default Measurement is as follows, and more Metrics can be collected through configuration Amazon Cloud Monitoring Metrics Details

Note: If you find that memory and disk Metrics are not reported, go to the AWS console to manually enable collection.

Instance Metrics¶

The AWS/EC2 namespace includes the following instance Metrics.

Metric	Description
`CPUUtilization`	The percentage of physical CPU time that Amazon EC2 uses to run the EC2 instance, including the time spent running user code and Amazon EC2 code. At a high level, `CPUUtilization` is the sum of guest `CPUUtilization` and hypervisor `CPUUtilization`. Due to factors such as legacy device emulation, non-legacy device configuration, interrupt-intensive workloads, live migration, and live updates, the percentage displayed by tools in the operating system may differ from CloudWatch. Unit: Percentage
`DiskReadOps`	The number of read operations completed from all instance store volumes available to the instance during the specified period. To calculate the average I/O operations per second (IOPS) for the period, divide the total number of operations by the total number of seconds. If there are no instance store volumes, the value is 0 or the Metric is not reported. Unit: Count
`DiskWriteOps`	The number of write operations completed to all instance store volumes available to the instance during the specified period. To calculate the average I/O operations per second (IOPS) for the period, divide the total number of operations by the total number of seconds. If there are no instance store volumes, the value is 0 or the Metric is not reported. Unit: Count
`DiskReadBytes`	The number of bytes read from all instance store volumes available to the instance. This Metric is used to determine the amount of data that the application reads from the instance's hard disk. It can be used to determine the speed of the application. The reported number is the number of bytes received during the period. If you are using basic (5-minute) monitoring, you can divide this number by 300 to get bytes/second. If you are using detailed (1-minute) monitoring, divide it by 60. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of bytes per second. For example, if you plot `DiskReadBytes` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in bytes/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. If there are no instance store volumes, the value is 0 or the Metric is not reported. Unit: Bytes
`DiskWriteBytes`	The number of bytes written to all instance store volumes available to the instance. This Metric is used to determine the amount of data that the application writes to the instance's hard disk. It can be used to determine the speed of the application. The reported number is the number of bytes received during the period. If you are using basic (5-minute) monitoring, you can divide this number by 300 to get bytes/second. If you are using detailed (1-minute) monitoring, divide it by 60. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of bytes per second. For example, if you plot `DiskWriteBytes` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in bytes/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. If there are no instance store volumes, the value is 0 or the Metric is not reported. Unit: Bytes
`MetadataNoToken`	The number of successful accesses to the instance metadata service without a token. This Metric is used to determine if any process is accessing instance metadata using instance metadata service version 1 without using a token. If all requests use sessions that support tokens (i.e., instance metadata service version 2), the value is 0. For more information, see Transition to Using Instance Metadata Service Version 2. Unit: Count
`NetworkIn`	The number of bytes received by the instance on all network interfaces. This Metric is used to determine the incoming network traffic to a single instance. The reported number is the number of bytes received during the period. If you are using basic (5-minute) monitoring and the statistic is Sum, you can divide this number by 300 to get bytes/second. If you are using detailed (1-minute) monitoring and the statistic is Sum, divide it by 60. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of bytes per second. For example, if you plot `NetworkIn` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in bytes/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. Unit: Bytes
`NetworkOut`	The number of bytes sent by the instance on all network interfaces. This Metric is used to determine the outgoing network traffic from a single instance. The reported number is the number of bytes sent during the period. If you are using basic (5-minute) monitoring and the statistic is Sum, you can divide this number by 300 to get bytes/second. If you are using detailed (1-minute) monitoring and the statistic is Sum, divide it by 60. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of bytes per second. For example, if you plot `NetworkOut` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in bytes/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. Unit: Bytes
`NetworkPacketsIn`	The number of packets received by the instance on all network interfaces. This Metric identifies the amount of incoming traffic based on the number of packets on a single instance. This Metric is only available for basic monitoring (5-minute periods). To calculate the number of packets received per second (PPS) by the instance in 5 minutes, divide the Sum statistic by 300. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of packets per second. For example, if you plot `NetworkPacketsIn` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in packets/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. Unit: Count
`NetworkPacketsOut`	The number of packets sent by the instance on all network interfaces. This Metric identifies the amount of outgoing traffic based on the number of packets on a single instance. This Metric is only available for basic monitoring (5-minute periods). To calculate the number of packets sent per second (PPS) by the instance in 5 minutes, divide the Sum statistic by 300. You can also use the CloudWatch Metric math function `DIFF_TIME` to find the number of packets per second. For example, if you plot `NetworkPacketsOut` as `m1` in CloudWatch, the Metric math formula `m1/(DIFF_TIME(m1))` will return the Metric in packets/second. For more information on `DIFF_TIME` and other Metric math functions, see Using Metric Math in the Amazon CloudWatch User Guide. Unit: Count

CPU Metrics¶

The AWS/EC2 namespace includes the following CPU credit Metrics for Burstable Performance Instances.

Metric	Description
`CPUCreditUsage`	The number of CPU credits spent by the instance to maintain CPU usage. One CPU credit equals one vCPU running at 100% utilization for one minute, or an equivalent combination of vCPU, utilization, and time (for example, one vCPU running at 50% utilization for two minutes, or two vCPUs running at 25% utilization for two minutes). CPU credit Metrics are only provided every 5 minutes. If you specify a period greater than five minutes, use the `Sum` statistic, not the `Average` statistic. Unit: Credits (vCPU minutes)
`CPUCreditBalance`	The number of CPU credits that the instance has accumulated since launch. For T2 standard, `CPUCreditBalance` also includes the accumulated launch credits. After credits are earned, they are added to the credit balance; after credits are spent, they are deducted from the credit balance. The credit balance has a maximum limit, which is determined by the instance size. After the limit is reached, any new credits earned are discarded. For T2 standard, launch credits do not count towards the limit. The instance can spend credits in `CPUCreditBalance` to burst above the baseline CPU usage. Credits in `CPUCreditBalance` do not expire while the instance is running. When a T3 or T3a instance is stopped, the `CPUCreditBalance` value is retained for seven days. After that, all accumulated credits are lost. When a T2 instance is stopped, the `CPUCreditBalance` value is not retained, and all accumulated credits are lost. CPU credit Metrics are only provided every 5 minutes. Unit: Credits (vCPU minutes)
`CPUSurplusCreditBalance`	The number of surplus credits spent by the instance when the `unlimited` value is zero. The `CPUSurplusCreditBalance` value is paid for by earned CPU credits. If the number of surplus credits spent exceeds the maximum number of credits that the instance can earn in a 24-hour period, the spent surplus credits that exceed the maximum number of credits will incur additional charges. CPU credit Metrics are only provided every 5 minutes. Unit: Credits (vCPU minutes)
`CPUSurplusCreditsCharged`	The number of surplus credits spent that are not paid for by earned CPU credits and will incur additional charges. Surplus credits spent are charged when either of the following occurs: The number of surplus credits spent exceeds the maximum number of credits that the instance can earn in a 24-hour period. For spent surplus credits that exceed the maximum number of credits, you will be charged at the end of the hour. The instance is stopped or terminated. The instance switches from `unlimited` to `standard`. CPU credit Metrics are only provided every 5 minutes. Unit: Credits (vCPU minutes)

Status Check Metrics¶

The AWS/EC2 namespace includes the following status check Metrics. By default, status check Metrics are provided free of charge at a 1-minute frequency. For newly launched instances, status check Metric data is only provided after the instance completes the initialization state (a few minutes after the instance enters the running state). For more information on EC2 status checks, see Status Checks for Your Instances. | Metric | Description | | :----------------------------- | :----------------------------------------------------------- | |StatusCheckFailed|Reports whether the instance passed the instance status check and the system status check in the last minute. This Metric can be 0 (passed) or 1 (failed). By default, this Metric is provided free of charge at a 1-minute frequency. Unit: Count| |StatusCheckFailed_Instance|Reports whether the instance passed the instance status check in the last 1 minute. This Metric can be 0 (passed) or 1 (failed). By default, this Metric is provided free of charge at a 1-minute frequency. Unit: Count| |StatusCheckFailed_System|Reports whether the instance passed the system status check in the last minute. This Metric can be 0 (passed) or 1 (failed). By default, this Metric is provided free of charge at a 1-minute frequency. Unit: Count|

Objects¶

The collected AWS EC2 object data structure can be seen in 「Infrastructure - Custom」

{
  "measurement": "aws_ec2",
  "tags": {
    "name"           : "i-0d7620xxxxxxx",
    "InstanceId"     : "i-0d7620xxxxxxx",
    "InstanceType"   : "c6g.xlarge",
    "PlatformDetails": "Linux/UNIX",
    "RegionId"       : "cn-northwest-1",
    "InstanceName"   : "test",
    "State"          : "running",
    "StateReason_Code"   : "Client.UserInitiatedHibernate",
    "AvailabilityZone": "cn-northwest-1",
  },
  "fields": {
    "BlockDeviceMappings": "{Device JSON Data}",
    "LaunchTime"         : "2021-10-26T07:00:44Z",
    "NetworkInterfaces"  : "{Network JSON Data}",
    "Placement"          : "{Availability Zone JSON Data}",
    "message"            : "{Instance JSON Data}"
  }
}

Note: The fields in tags and fields may change with subsequent updates.

Tip 1: The value of tags.name is the instance ID, which is used as a unique identifier Tip 2: fields.message, fields.NetworkInterfaces, fields.BlockDeviceMappings are JSON serialized strings