All news with #cloudwatch tag

Amazon CloudWatch RUM Adds Mobile Support for iOS, Android

📱 Amazon CloudWatch RUM now supports iOS and Android apps, extending real user monitoring beyond web applications. Using the OpenTelemetry (OTEL) standard, it captures mobile spans such as application startup time, screen load time, and backend network calls, and records events including crashes and ANRs/AppHangs. Developers and SREs can perform impact analysis for errors or crashes, drill into correlated telemetry, and filter by location, device type, OS, and app version. Mobile telemetry integrates with application metrics, traces, logs, web RUM, and synthetic monitoring in CloudWatch Application Signals, and is available in all AWS Commercial Regions where web monitoring is provided.

Amazon CloudWatch Adds Scheduled Logs Insights Queries

🔁 Amazon CloudWatch Logs now supports scheduled Logs Insights queries that run automatically on a recurring cadence and deliver results to Amazon S3 or Amazon EventBridge. This capability lets teams automate log analysis, track trends, and detect anomalies without manually re-running queries. Administrators can configure schedules via the Console, AWS CLI, AWS CDK, or SDKs, and store results for reporting or trigger incident workflows. The feature is available in multiple AWS regions across the US, Europe, Asia Pacific, and South America.

Amazon CloudWatch Adds Threshold-Based Composite Alarms

🔔 Amazon CloudWatch now lets teams create threshold-based composite alarms that trigger only when a specified subset of monitored resources meet a condition. Using the new AT_LEAST function, you can define fixed counts or percentages — for example, at least two of four volumes low on capacity or 50% of hosts with high CPU — to reduce alert noise. The capability is available in all commercial AWS regions, AWS GovCloud (US), and China Regions; composite alarms pricing applies.

Amazon CloudWatch adds interactive incident reporting

📝 Amazon CloudWatch now offers interactive incident report generation, enabling customers to produce comprehensive post-incident analysis in minutes. The capability, available within CloudWatch investigations, automatically gathers and correlates telemetry data, user inputs, and investigation actions to produce streamlined reports. Reports include executive summaries, timelines, impact assessments, and actionable recommendations to help teams identify patterns and implement preventive measures. The feature is available in multiple AWS regions.

Amazon CloudWatch Agent Gains Windows Event Log Filtering

🔎 Amazon CloudWatch Agent now supports configurable Windows Event Log filters for Windows hosts running on Amazon EC2 or on‑premises. You can define per-stream filter criteria in the agent configuration file — including event levels, specific event IDs, and regular expressions set to include or exclude — and the agent evaluates each event to determine whether it should be sent to CloudWatch. This reduces noisy ingestion and helps focus monitoring, troubleshooting, and cost control; the feature is available in all commercial AWS Regions and AWS GovCloud (US).

Amazon SES adds IP observability for DIP-M pools capability

📬 Amazon Simple Email Service (SES) now exposes the exact IP addresses used by Dedicated IP Addresses - Managed (DIP-M) pools. Customers can view these IPs via the console, CLI, or SES API and access Microsoft SNDS metrics for each address. SES also creates CloudWatch metrics for SNDS data to aid reputation monitoring. This gives customers greater transparency into sending activity and helps diagnose deliverability and reputation issues with mailbox providers.

CloudWatch Database Insights Adds Tag-Based Access Control

🔐 Amazon CloudWatch Database Insights now supports tag-based access control for database-level and per-query metrics powered by RDS Performance Insights. Instance tags defined on RDS and Aurora are now automatically evaluated to authorize Performance Insights metrics, enabling IAM policies to use tag-based access conditions across logical groups of databases. This reduces manual, resource-level permission management and improves governance and security consistency. The feature is available in all AWS regions where Database Insights is offered.

Amazon ECS adds one-click event capture and querying

🔎 The Amazon Elastic Container Service (ECS) console now offers one-click event capture and an integrated event history query interface. With a single click the console configures underlying EventBridge rules and CloudWatch log groups and provides pre-built query templates and filters for time range, task ID, deployment ID, stop codes, and exit codes. Available in all AWS Commercial and GovCloud (US) Regions.

Amazon CloudWatch Adds Tag-Based Telemetry for Metrics

🔍 Amazon CloudWatch introduces tag-based telemetry so teams can monitor metrics and configure alarms using existing AWS resource tags. This lets DevOps and cloud administrators build dynamic monitoring views that follow organizational tagging, automatically adapting as resources change. Tag-based query filtering cuts manual dashboard and alarm updates, and can be enabled with one click or via the AWS CLI and SDKs.

CloudWatch Cross-Account Cross-Region Log Centralization

🔁 Amazon CloudWatch now supports cross-account, cross-region log centralization, allowing customers to copy log data from multiple AWS accounts and regions into a single destination account and integrate with AWS Organizations. Copied log events are enriched with new system fields (@aws.account and @aws.region) to preserve source context, and administrators can scope rules to the entire organization, selected OUs, or specific accounts. The feature supports selective log-group copying, automatic merging of same-named groups, optional backup-region copies, and includes one free centralized copy with additional copies billed at $0.05/GB.

Automating OIDC Client Secret Rotation for ALB on AWS

🔁 This AWS blog demonstrates how to automate OIDC client secret rotation for Application Load Balancer authentication using AWS Secrets Manager, AWS Lambda, and Amazon EventBridge. The solution securely stores IdP credentials (Auth0 in the example), schedules a Lambda handler to fetch and compare tokens, and updates Secrets Manager and ALB listener rules when changes occur. It reduces manual effort, limits plaintext credential exposure, and adds monitoring via CloudWatch alarms.

AWS WAF Adds Free Vended Logs Based on Request Volume

📣 AWS WAF now includes a free allocation of Vended Logs ingestion to CloudWatch: 500 MB for every 1 million WAF requests processed, provided at no additional cost. The allocation is applied automatically across WAF vended logs to CloudWatch, S3, and Firehose and is reconciled on your AWS bill at month end. Usage beyond the included allowance is charged at standard AWS WAF Vended Logs CloudWatch rates. This change helps reduce logging costs while preserving comprehensive security visibility and analytics.

Managed Service for Prometheus: Quota Visibility via AWS

🔍 Amazon Managed Service for Prometheus now exposes applied quota values and utilization through AWS Service Quotas and Amazon CloudWatch. This integration delivers centralized visibility of service limits across workspaces, enables quick quota increase requests, and provides usage metrics that you can incorporate into CloudWatch alarms and dashboards. Usage metrics are always enabled, provided at no extra cost, and accessible via console, APIs, and CLI in all regions where the service is generally available.

Amazon CloudWatch: Single Alarm for Multiple Metrics

🔔 Amazon CloudWatch now supports creating a single alarm that evaluates and acts on multiple individual metrics dynamically. By authoring a Metrics Insights (SQL) query with GROUP BY and ORDER BY clauses, the alarm automatically includes matching metrics as resources are created or removed, eliminating manual per-resource alarm management. You can configure these alarms via the CloudWatch console, AWS CLI, CloudFormation, or CDK; the capability is available in all commercial AWS regions, AWS GovCloud (US) Regions, and China Regions, and Metrics Insights query alarm pricing applies.

CloudWatch Metrics Insights: Query Metrics Up to Two Weeks

🕒 Amazon Web Services now enables customers to query CloudWatch metrics up to two weeks in the past using the Metrics Insights query source. Metrics Insights delivers fast, SQL-based metric queries and this enhancement expands the prior ~3-hour visualization window to 14 days for dashboards, alarms, and investigations. The capability is available now in commercial AWS regions and is automatically enabled at no additional charge, though standard pricing still applies for alarms, dashboards, and API usage.