Audit and accountability in Amazon EC2
Amazon CloudTrail, Amazon Config, and Amazon Config Rules provide audit and change tracking features for auditing Amazon
resource changes. Configure Windows event logs to send local log files to a centralized log
management system to preserve log data for security and operational behavior analysis.
Microsoft System Center Operations Manager (SCOM) aggregates information about Microsoft
applications deployed to Windows instances and applies preconfigured and custom rulesets based
on application roles and services. System Center Management Packs build on SCOM to provide
application-specific monitoring and configuration guidance. These Management Packs
In addition to Microsoft systems management tools, customers can use Amazon CloudWatch to monitor instance CPU utilization, disk performance, network I/O, and perform host and instance status checks. The EC2Config, EC2Launch, and EC2Launch v2 launch agents provide access to additional, advanced features for Windows instances. For example, they can export Windows system, security, application, and Internet Information Services (IIS) logs to CloudWatch Logs which can then be integrated with Amazon CloudWatch metrics and alarms. Customers can also create scripts that export Windows performance counters to Amazon CloudWatch custom metrics.