All Posts
2026-02-20Sandro Volpicella

Amazon CloudWatch Agent: Comprehensive Installation and Configuration Guide

AWSCloudWatchMonitoringDevOpsEC2
A
<div class="toc"> <h3>Table of Contents</h3> <ul> <li><a href="#what-is-cloudwatch-agent">What is CloudWatch Agent and Why is it Important?</a></li> <li><a href="#installation-and-configuration">Installation and Configuration</a></li> <li><a href="#configuring-metrics-and-log-collection">Configuring Metrics and Log Collection</a></li> <li><a href="#advanced-features-and-best-practices">Advanced Features and Best Practices</a></li> <li><a href="#frequently-asked-questions-faq">Frequently Asked Questions (FAQ)</a></li> </ul> </div>

The Amazon CloudWatch Agent is a lightweight and flexible monitoring tool provided by AWS (Amazon Web Services) that enables you to collect system-level metrics, logs, and custom metrics from your EC2 instances.

This agent simplifies the process of monitoring your infrastructure and applications, providing valuable insights and helping you take proactive steps in performance optimization and troubleshooting.

In this article, we will explore the critical role of the CloudWatch Agent in monitoring EC2 instances, how to install and configure it on Amazon Linux 2, and its advanced features.

<h2 id="what-is-cloudwatch-agent">What is CloudWatch Agent and Why is it Important?</h2>

Without the CloudWatch Agent, you lack real-time visibility into system-level metrics (such as memory usage, disk space, etc.), logs, and custom metrics.

This limits your ability to detect performance issues, optimize resource allocation, and troubleshoot problems efficiently. Furthermore, not collecting logs in a centralized location makes analysis difficult. The CloudWatch Agent bridges this gap by offering comprehensive monitoring capabilities.

Benefits of Using Amazon CloudWatch Agent

  • Detailed Metrics: Easily monitor metrics like CPU usage, memory (RAM) usage, disk space, and network traffic.
  • Centralized Log Management: Aggregate your logs in CloudWatch Logs to search and analyze across your entire infrastructure.
  • Custom Metrics: Collect application-specific metrics to monitor based on your business logic.
  • Integration: Works seamlessly with other AWS services (e.g., Auto Scaling) to trigger automated scaling actions.

For more information, check out our AWS Consultancy services.

<h2 id="installation-and-configuration">Installation and Configuration</h2>

Installing the CloudWatch Agent on Amazon Linux 2 is quite simple. You can quickly install it via the package manager.

Prerequisites

Before starting the installation, ensure that the IAM role attached to your EC2 instance has the CloudWatchAgentServerPolicy permission. This permission is required for the agent to send data to the CloudWatch service.

If you need more information about AWS IAM roles and policies, you can review our relevant documentation.

Step-by-Step Installation Guide

Follow the steps below to complete the installation:

  1. Connect to the Server: Connect to your Amazon Linux 2 instance via SSH or your preferred method.

  2. Update Packages:

    sudo yum update -y

  3. Install CloudWatch Agent:

    sudo yum install -y amazon-cloudwatch-agent

  4. Prepare Configuration File: After installation, you need to create a configuration file that determines what the agent will collect. This file is typically located at /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json or created via the wizard.

  5. Start the Agent: Once your configuration file is ready, you can start the agent with the following command:

    sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json -s

  6. Check Status: To verify if the agent is running:

    sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a status

Note: Installation methods for other operating systems like Windows Server (SSM, CloudFormation, etc.) may vary. Refer to the official AWS documentation for details.

<h2 id="configuring-metrics-and-log-collection">Configuring Metrics and Log Collection</h2>

The CloudWatch Agent requires a JSON configuration file to function correctly. You can create this file in two ways:

  1. Using the Wizard: Interactively via the sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard command.
  2. Manually: By editing the JSON file yourself.

Which Metrics Can Be Collected?

Many metrics can be collected by default:

  • cpu_usage_active: Percentage of active CPU usage.
  • mem_used_percent: Percentage of memory used.
  • disk_used_percent: Disk usage percentage.
  • net_bytes_sent/recv: Network traffic data.

You can visualize these metrics in the CloudWatch console and use them for performance analysis in your Kubernetes Consultancy processes.

Log Collection Settings

In the configuration file, under the logs section, you can specify which log files to monitor.

An example configuration snippet:

"logs": {
    "logs_collected": {
        "files": {
            "collect_list": [
                {
                    "file_path": "/var/log/messages",
                    "log_group_name": "/aws/ec2/syslog",
                    "log_stream_name": "{instance_id}"
                }
            ]
        }
    }
}

With this configuration, logs from /var/log/messages are sent to CloudWatch.

<h2 id="advanced-features-and-best-practices">Advanced Features and Best Practices</h2>

High-Resolution Metrics

By default, metrics are collected every 5 minutes. You can configure this down to 1 minute (or less) to obtain "High-Resolution Metrics." This is critical for catching instantaneous performance issues.

Management with AWS Systems Manager (SSM)

If you have many servers, instead of editing configuration files on each server individually, you can store them in the AWS Systems Manager Parameter Store and distribute them from there.

Alarms and Auto Scaling

By creating CloudWatch Alarms on collected metrics, you can receive notifications when specific thresholds are exceeded (e.g., CPU > 80%) or trigger Auto Scaling to automatically increase the number of servers.

Cost Warning

When using CloudWatch, you should be mindful of data ingestion and retention costs.

  • Log Retention: Instead of keeping logs forever, set a retention period that suits your needs (e.g., 30 days).
  • Filtering: Filter unnecessary logs at the source to reduce costs.

Conclusion

The Amazon CloudWatch Agent is an indispensable tool for monitoring and optimizing your EC2 instances. With proper configuration, you can gain deep insights into the health of your infrastructure and detect potential issues before your users do.

<h2 id="frequently-asked-questions-faq">Frequently Asked Questions (FAQ)</h2>

1. Is CloudWatch Agent free?

The CloudWatch Agent itself is free to download and install, but standard CloudWatch charges apply for the metrics and logs it collects (ingestion, storage).

2. Which operating systems are supported?

It runs on many popular operating systems including Amazon Linux, Ubuntu, CentOS, RHEL, Windows Server, and macOS.

3. Can I send Custom Metrics?

Yes, you can send custom metrics from your application using protocols like statsd or collectd supported by the agent.

4. How long should I keep logs?

This depends on your needs, but for cost optimization, it is recommended to keep non-critical logs for shorter periods, such as 30 days.

Source: https://awsfundamentals.com/blog/amazon-cloudwatch-agent