AWS Cloud Operations Blog

Category: Amazon CloudWatch

Using Amazon S3 Server Access Logs with Amazon CloudWatch Logs

TL;DR What if you could go from raw Amazon S3 server access logs to a complete security dashboard without building a custom pipeline? The dashboard below is deployed using the CloudFormation template provided in this post. Figure 1: Amazon S3 Server Access Logs Security, Compliance & Audit Dashboard Until now, getting security visibility from Amazon […]

Log analysis with facets, correlation, enrichment, and automation in Amazon CloudWatch Log Analytics

Teams working with distributed applications accumulate logs across multiple log groups, including application logs, access logs, and audit trails. When something needs investigating, an engineer opens the console and starts writing queries from scratch. The same query gets written differently by different people. The results lack context because the log event does not contain who […]

Analyzing Claude Code usage with CloudWatch and OpenTelemetry

If your engineering organization uses AI coding agents like Claude Code, usage is likely growing faster than your ability to track it. Token consumption, cost per team, and developer productivity are questions that existing dashboards don’t answer, because the telemetry never made it to your observability backend. With Amazon CloudWatch OpenTelemetry Protocol (OTLP) in General […]

Introducing native histogram support in Amazon Managed Service for Prometheus

If you run Kubernetes or microservices workloads on AWS, you probably track latency, request durations, and other value distributions with Prometheus histograms. To do that with classic histograms, you predefine a set of bucket boundaries, and Prometheus emits one time series per boundary plus a sum and a count. A single latency histogram with 20 […]

AWS Observability ICYMI: Jan-May 2026

Welcome to the first edition of the AWS Observability ICYMI (In Case You Missed It) recap! The first five months of 2026 has been transformational for AWS observability with over 40 launches across Amazon CloudWatch, AWS X-Ray, Amazon Managed Grafana, and Amazon Managed Service for Prometheus. Two major themes defined this period: OpenTelemetry as the […]

Import Historical data from AWS CloudTrail Lake to Amazon CloudWatch

Organizations managing workloads on AWS rely on AWS CloudTrail to answer the fundamental questions: Who did what, where, and when? Since January 2022, customers have stored their CloudTrail activity logs in CloudTrail Lake, a managed data lake purpose-built for capturing, storing, querying user and API activity across their AWS environment.  As organizations scale across multiple […]

Introducing OpenTelemetry and PromQL support in Amazon CloudWatch

If you run Kubernetes or microservices workloads on AWS, your metrics likely carry dozens of labels: namespace, pod, container, node, deployment, replica set, and custom business dimensions. To get a complete picture of your environment, you may be splitting your metrics pipeline: Amazon CloudWatch for AWS metrics, and a separate Prometheus-compatible backend for high-cardinality (many […]

Adaptive sampling with AWS X-Ray to capture critical spans

Introduction Enterprise applications using AWS X-Ray generate large volumes of distributed tracing data across multiple services. Static sampling strategies keep costs down by capturing a fixed percentage of traffic. However, they frequently miss critical data during intermittent failures or sudden latency spikes. Tracing every request for maximum visibility at scale may increase sampling costs for […]

Investigating Service Issues with Amazon CloudWatch Application Signals Custom Metrics

Investigating Service Issues with Amazon CloudWatch Application Signals Custom Metrics

When a critical service fails, you need to know how much revenue you’re losing, not just that latency has increased. This post shows you how to integrate business metrics with CloudWatch Application Signals to see both technical performance and business impact in one unified view. With CloudWatch Application Signals, you can view metrics, traces, and […]

CrossRegionPrivateLinkNetworkSyntheticMonitor

Cross-Region AWS PrivateLink monitoring with Amazon CloudWatch Network Synthetic Monitor

Introduction Global, distributed AWS architectures are the backbone for customers seeking high availability, resilience, and regulatory compliance. Workloads are commonly deployed across multiple AWS Regions and Availability Zones (AZs), often using AWS PrivateLink to connect services securely and privately across Amazon Virtual Private Cloud (Amazon VPC) networks. This approach enhances security and separation while requiring […]