DEV Community

Osama Gamal
Osama Gamal

Posted on • Edited on

Install and Configure CloudWatch Agent on Windows EC2 using System Manager

In this article we will install and configure the CloudWatch Agent using Systems Manager by following these steps.

Steps:

1. Creating IAM Role
We need First to Create EC2 Role For System Manager and CloudWatch Agent and here is the steps for that:

  • Create an IAM Role:
    Go to the IAM Console.
    In the left navigation pane, choose "Roles" and then click on "Create role."
    Choose "AWS service" as the trusted entity and select "EC2" as the use case. Click "Next: Permissions."

  • Attach Policies:
    In the "Permissions" step, search for and attach the following managed policies:
    AmazonEC2RoleforSSM
    AmazonSSMManagedInstanceCore
    CloudWatchAgentAdminPolicy
    CloudWatchAgentServerPolicy

  • Review and Create:
    Provide a name for your role then
    Click "Create role."

You Can Check the role permissions from the image below.

EC2 Role

2. Launching Windows EC2 Instance
Now we will launch Windows Ec2 instance that we will install and configure the system agent on it and here is the steps for that:

  • Launch Windows EC2 Instance: Go to the EC2 Console. Click "Launch Instance." Choose a Windows AMI and select the instance type. In the "Configure Instance Details" step, configure settings such as instance number, VPC, subnet and security group.

Note: Configure the security group that allows inbound RDP traffic (port 3389) for remote desktop access.

  • Create or Select Key Pair: Choose an existing key pair or create a new one to allow us to connect to the instance through remote desktop access.

Note: Choose "Pem" type for the key.

  • Attach the IAM Role:
    go to the "Advanced details" then "IAM instance profile"
    then choose the IAM role that we have created in step 1.

  • Review and Launch:
    Review your configurations and click "Review and Launch."
    you need to wait about 10 minutes until the EC2 launch complete before going to the next step.

You Can Check the EC2 details and configuration from the image below.

EC2 Review

3. Installing CloudWatch Agent using System Manager
Now we will use System Manager to install CloudWatch Agent

  • Open the AWS Systems Manager Console:
    Navigate to the SSM Console.

  • Run Command:
    In the left navigation pane, choose "Run Command." then select the "AWS-ConfigureAWSPackage" document.
    In the Document version choose "latest version at runtime".
    In the Action choose "install".
    In the Installation Type choose "Uninstall and reinstall".
    In the Name box, type "AmazonCloudWatchAgent".
    In the Target selection choose "Choose instances manually" then specify the instance that we had deployed in step 2.

RunCommand configuration-1

RunCommand configuration-2

RunCommand configuration-3

  • Review and Run: Review your configurations and click "Run" you need to wait about until Command execution success.

RunCommand Success

Congratulations. By completing the above steps you succeeded to install the cloud watch agent.
now we will connect to the ec2 instance to start configuring the cloud watch agent.

4. Configuring CloudWatch Agent
Now we will access the ec2 instance to create the cloud watch configuration.

  • Access Windows EC2 Instance: Go to the EC2 Console , connect to your EC2 using Remote Desktop Protocol (RDP) with the provided key pair.

Connect to Ec2

  • Creating the CloudWatch configuration using wizard : Open your CMD, We will now go to the "amazon-cloudwatch-agent-config-wizard.exe" to start making our configuration to go to the wizard path you need to put this command.
cd "c:\Program Files\Amazon\AmazonCloudWatchAgent"
Enter fullscreen mode Exit fullscreen mode

now run this command to open the wizard

amazon-cloudwatch-agent-config-wizard.exe
Enter fullscreen mode Exit fullscreen mode

opening the wizard
now choose your configuration based on your requirements
below is my configuration choices and configuration file

c:\Program Files\Amazon\AmazonCloudWatchAgent>amazon-cloudwatch-agent-config-wizard.exe
================================================================
= Welcome to the Amazon CloudWatch Agent Configuration Manager =
=                                                              =
= CloudWatch Agent allows you to collect metrics and logs from =
= your host and send them to CloudWatch. Additional CloudWatch =
= charges may apply.                                           =
================================================================
On which OS are you planning to use the agent?
1. linux
2. windows
3. darwin
default choice: [2]:
2
Trying to fetch the default region based on ec2 metadata...
I! imds retry client will retry 1 timesAre you using EC2 or On-Premises hosts?
1. EC2
2. On-Premises
default choice: [1]:
1
Do you want to turn on StatsD daemon?
1. yes
2. no
default choice: [1]:
1
Which port do you want StatsD daemon to listen to?
default choice: [8125]
8125
What is the collect interval for StatsD daemon?
1. 10s
2. 30s
3. 60s
default choice: [1]:
1
What is the aggregation interval for metrics collected by StatsD daemon?
1. Do not aggregate
2. 10s
3. 30s
4. 60s
default choice: [4]:
4
Do you have any existing CloudWatch Log Agent configuration file to import for migration?
1. yes
2. no
default choice: [2]:
2
Do you want to monitor any host metrics? e.g. CPU, memory, etc.
1. yes
2. no
default choice: [1]:
1
Do you want to monitor cpu metrics per core?
1. yes
2. no
default choice: [1]:
1
Do you want to add ec2 dimensions (ImageId, InstanceId, InstanceType, AutoScalingGroupName) into all of your metrics if the info is available?
1. yes
2. no
default choice: [1]:
1
Do you want to aggregate ec2 dimensions (InstanceId)?
1. yes
2. no
default choice: [1]:
1
Would you like to collect your metrics at high resolution (sub-minute resolution)? This enables sub-minute resolution for all metrics, but you can customize for specific metrics in the output json file.
1. 1s
2. 10s
3. 30s
4. 60s
default choice: [4]:
4
Which default metrics config do you want?
1. Basic
2. Standard
3. Advanced
4. None
default choice: [1]:
3
Current config as follows:
{
        "metrics": {
                "aggregation_dimensions": [
                        [
                                "InstanceId"
                        ]
                ],
                "append_dimensions": {
                        "AutoScalingGroupName": "${aws:AutoScalingGroupName}",
                        "ImageId": "${aws:ImageId}",
                        "InstanceId": "${aws:InstanceId}",
                        "InstanceType": "${aws:InstanceType}"
                },
                "metrics_collected": {
                        "LogicalDisk": {
                                "measurement": [
                                        "% Free Space"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "Memory": {
                                "measurement": [
                                        "% Committed Bytes In Use"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "Paging File": {
                                "measurement": [
                                        "% Usage"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "PhysicalDisk": {
                                "measurement": [
                                        "% Disk Time",
                                        "Disk Write Bytes/sec",
                                        "Disk Read Bytes/sec",
                                        "Disk Writes/sec",
                                        "Disk Reads/sec"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "Processor": {
                                "measurement": [
                                        "% User Time",
                                        "% Idle Time",
                                        "% Interrupt Time"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "TCPv4": {
                                "measurement": [
                                        "Connections Established"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "TCPv6": {
                                "measurement": [
                                        "Connections Established"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "statsd": {
                                "metrics_aggregation_interval": 60,
                                "metrics_collection_interval": 10,
                                "service_address": ":8125"
                        }
                }
        }
}
Are you satisfied with the above config? Note: it can be manually customized after the wizard completes to add additional items.
1. yes
2. no
default choice: [1]:
1
Do you want to monitor any customized log files?
1. yes
2. no
default choice: [1]:
2
Do you want to monitor any Windows event log?
1. yes
2. no
default choice: [1]:
1
Windows event log name:
default choice: [System]

Do you want to monitor VERBOSE level events for Windows event log System ?
1. yes
2. no
default choice: [1]:
1
Do you want to monitor INFORMATION level events for Windows event log System ?
1. yes
2. no
default choice: [1]:
1
Do you want to monitor WARNING level events for Windows event log System ?
1. yes
2. no
default choice: [1]:
1
Do you want to monitor ERROR level events for Windows event log System ?
1. yes
2. no
default choice: [1]:
1
Do you want to monitor CRITICAL level events for Windows event log System ?
1. yes
2. no
default choice: [1]:
1
Log group name:
default choice: [System]

Log stream name:
default choice: [{instance_id}]

In which format do you want to store windows event to CloudWatch Logs?
1. XML: XML format in Windows Event Viewer
2. Plain Text: Legacy CloudWatch Windows Agent (SSM Plugin) Format
default choice: [1]:
1
Log Group Retention in days
1. -1
2. 1
3. 3
4. 5
5. 7
6. 14
7. 30
8. 60
9. 90
10. 120
11. 150
12. 180
13. 365
14. 400
15. 545
16. 731
17. 1096
18. 1827
19. 2192
20. 2557
21. 2922
22. 3288
23. 3653
default choice: [1]:
7
Do you want to specify any additional Windows event log to monitor?
1. yes
2. no
default choice: [1]:
2
Do you want the CloudWatch agent to also retrieve X-ray traces?
1. yes
2. no
default choice: [1]:
2
Existing config JSON identified and copied to:  C:\Users\Administrator\AppData\Roaming\Amazon\CloudWatchAgent\etc\backup-configs
Saved config file to config.json successfully.
Current config as follows:
{
        "logs": {
                "logs_collected": {
                        "windows_events": {
                                "collect_list": [
                                        {
                                                "event_format": "xml",
                                                "event_levels": [
                                                        "VERBOSE",
                                                        "INFORMATION",
                                                        "WARNING",
                                                        "ERROR",
                                                        "CRITICAL"
                                                ],
                                                "event_name": "System",
                                                "log_group_name": "System",
                                                "log_stream_name": "{instance_id}",
                                                "retention_in_days": 30
                                        }
                                ]
                        }
                }
        },
        "metrics": {
                "aggregation_dimensions": [
                        [
                                "InstanceId"
                        ]
                ],
                "append_dimensions": {
                        "AutoScalingGroupName": "${aws:AutoScalingGroupName}",
                        "ImageId": "${aws:ImageId}",
                        "InstanceId": "${aws:InstanceId}",
                        "InstanceType": "${aws:InstanceType}"
                },
                "metrics_collected": {
                        "LogicalDisk": {
                                "measurement": [
                                        "% Free Space"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "Memory": {
                                "measurement": [
                                        "% Committed Bytes In Use"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "Paging File": {
                                "measurement": [
                                        "% Usage"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "PhysicalDisk": {
                                "measurement": [
                                        "% Disk Time",
                                        "Disk Write Bytes/sec",
                                        "Disk Read Bytes/sec",
                                        "Disk Writes/sec",
                                        "Disk Reads/sec"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "Processor": {
                                "measurement": [
                                        "% User Time",
                                        "% Idle Time",
                                        "% Interrupt Time"
                                ],
                                "metrics_collection_interval": 60,
                                "resources": [
                                        "*"
                                ]
                        },
                        "TCPv4": {
                                "measurement": [
                                        "Connections Established"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "TCPv6": {
                                "measurement": [
                                        "Connections Established"
                                ],
                                "metrics_collection_interval": 60
                        },
                        "statsd": {
                                "metrics_aggregation_interval": 60,
                                "metrics_collection_interval": 10,
                                "service_address": ":8125"
                        }
                }
        }
}
Please check the above content of the config.
The config file is also located at config.json.
Edit it manually if needed.
Do you want to store the config in the SSM parameter store?
1. yes
2. no
default choice: [1]:
1
What parameter store name do you want to use to store your config? (Use 'AmazonCloudWatch-' prefix if you use our managed AWS policy)
default choice: [AmazonCloudWatch-windows]

Trying to fetch the default region based on ec2 metadata...
I! imds retry client will retry 1 timesWhich region do you want to store the config in the parameter store?
default choice: [us-east-1]

Which AWS credential should be used to send json config to parameter store?
1. ASIAT75RBYEGMCT7IFIT(From SDK)
2. Other
default choice: [1]:
1
Successfully put config to parameter store AmazonCloudWatch-windows.
Please press Enter to exit...
Enter fullscreen mode Exit fullscreen mode
  • Verify the CloudWatch agent from Parameter Store go to AWS Systems Manager > Parameter Store you should now see parameter store with name "AmazonCloudWatch-windows" you can check and verify your configuration from it.

Parameter Store

5. Starting the CloudWatch Agent Using System Manager
Now we will start our CloudWatch agent

  • Open the AWS Systems Manager Console:
    Navigate to the SSM Console.

  • Run Command:
    In the left navigation pane, choose "Run Command." then select the "AmazonCloudWatch-ManageAgent" document.
    In the Document version choose "latest version at runtime".
    In the Action choose "configure".
    In the Mode choose "ec2".
    In the Optional Configuration Source choose "ssm"
    In the Optional Configuration Location, type "AmazonCloudWatch-windows".
    In the Optional Restart choose "yes"
    In the Target selection choose "Choose instances manually" then specify the instance that we had deployed in step 2.

RunCommand Configuration-1

RunCommand Configuration-2

RunCommand Configuration-3

  • Review and Run: Review your configurations and click "Run" you need to wait about until Command execution success.

RunCommand Success

Congratulations. By completing the above steps you succeeded to start the cloud watch agent.
now we will verify the CloudWatch Metrics and Log groups.

6. Review the metrics and log groups form CloudWatch

Go to the CloudWatch Console.
In the left navigation pane, select "Metrics."
Choose "Browse" to explore available metrics by service.
Select CWAgent Metric and start to graph the metrics you want.

CloudWatch metrics

CloudWatch metrics

In the left navigation pane, select "Log groups."
open "System" Log group
now you will see Log stream with your instance id you can check logs from it

CloudWatch Log groups

Log Stream

Logs Collected from EC2

Congratulations you now completed installing and configuring CloudWatch Agent by Systems Manager.

Top comments (0)