CloudWatch investigations - Amazon CloudWatch
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

CloudWatch investigations

The CloudWatch investigations feature is a generative AI-powered assistant that can help you respond to incidents in your system. It uses generative AI to scan your system's telemetry and quickly surface suggestions that might be related to your issue. These suggestions include metrics, logs, deployment events, and root-cause hypotheses. For a complete list of types of data that the AI assistant can surface, see Insights that CloudWatch investigations can surface in investigations

For each suggestion, you decide whether to add it to the investigation findings or to discard it. This helps CloudWatch investigations refine and iterate toward the root cause of the issue. CloudWatch investigations can help you find the root cause without having to manually identify and query multiple metrics and other sources of telemetry and events. A troubleshooting issue that would have taken hours of searching and switching between different consoles can be solved in a much shorter time.

CloudWatch investigations provide intuitive real-time and natural-language analyses and summaries, helps you to understand your system’s status with clear suggestions, and guides you through targeted troubleshooting steps tailored to your specific Amazon workloads.

You can create investigations in three ways:

  • From within many Amazon consoles. For example, you can start an investigation when viewing a CloudWatch metric or alarm in the CloudWatch console, or from a Lambda function's Monitor tab on its properties page.

  • By following a prompt in chat with Amazon Q. You can start by asking questions like "Why is my Lambda function slow today?" or "What's wrong with my database?"

  • By configuring a CloudWatch alarm action to automatically start an investigation when the alarm goes into ALARM state.

After you start an investigation with any of these methods, CloudWatch investigations scans your system to find telemetry that might be relevant to the situation, and also generates hypotheses based on what it finds. CloudWatch investigations surfaces both the telemetry data and the hypotheses, and enables you to accept or discard each one.

Each account may have up to 2 concurrent investigations. Only investigations with active analysis count towards this limit. Each month, each account may create up to 150 investigations with AI analysis.

Important

To help CloudWatch investigations provide the most relevant information, we might use certain content from CloudWatch investigations, including but not limited to, questions that you ask CloudWatch investigations and its response, insights, user interactions, telemetry, and metadata for service improvements. Your trust and privacy, as well as the security of your content, is our highest priority. For more information, see Amazon Service Terms and Amazon responsible AI policy.

You can opt out of having your content collected to develop or improve the quality of CloudWatch investigations by creating an AI service opt-out policy for CloudWatch or AI Operations (aiops). For more information, see AI services opt-out policies in the Amazon Organizations User Guide.

How CloudWatch investigations find data for suggestions

CloudWatch investigations use a wide range of data sources to determine dependency relationships and plan analysis paths, including telemetry data configurations, service configurations, and observed relationships. These dependency relationships are found more easily if you use CloudWatch Application Signals and Amazon X-Ray. When Application Signals and X-Ray aren't available, CloudWatch investigations will attempt to infer dependency relationships through co-occurring telemetry anomalies.

While CloudWatch investigations will continue to analyze telemetry data and provide suggestions without these features enabled, in order to ensure optimal quality and performance for CloudWatch investigations, we strongly recommend that you enable the services and features listed in (Recommended) Best practices to enhance investigations.

Costs associated with CloudWatch investigations

CloudWatch investigations may incur Amazon service usage including telemetry and resource queries and other API usage. While the majority of these will not be charged to your Amazon bill, there are exceptions including but not limited to CloudWatch APIs (ListMetrics, GetDashboard, ListDashboards, and GetInsightRuleReport), X-Ray APIs (GetServiceGraph, GetTraceSummaries, and BatchGetTraces). CloudWatch investigations also uses Amazon Cloud Control APIs which might incur usage of Amazon services such as Amazon Kinesis Data Streams and Amazon Lambda. Additionally, integration with CloudWatch investigations in chat applications which might incur usage of Amazon Simple Notification Service. For usage of these services exceeding the Amazon Free Tier, you will see charges on your Amazon bill. These charges are expected to be minimal for normal usage of CloudWatch investigations. For more information, see Amazon Kinesis Data Streams pricing, Amazon Lambda pricing for Automation, and Amazon Simple Notification Service pricing.

Topics