Log and monitor Athena
To detect incidents, receive alerts when incidents occur, and respond to them, use these options with Amazon Athena:
-
Monitor Athena with Amazon CloudTrail – Amazon CloudTrail provides a record of actions taken by a user, role, or an Amazon Web Services service in Athena. It captures calls from the Athena console and code calls to the Athena API operations as events. This allow you to determine the request that was made to Athena, the IP address from which the request was made, who made the request, when it was made, and additional details. For more information, see Log Amazon Athena API calls with Amazon CloudTrail.
You can also use Athena to query the CloudTrail log files not only for Athena, but for other Amazon Web Services services. For more information, see Query Amazon CloudTrail logs.
-
Monitor Athena usage with CloudTrail and Amazon QuickSight – Amazon QuickSight
is a fully managed, cloud-powered business intelligence service that lets you create interactive dashboards your organization can access from any device. For an example of a solution that uses CloudTrail and Amazon QuickSight to monitor Athena usage, see the Amazon Big Data blog post How Realtor.com monitors Amazon Athena usage with Amazon CloudTrail and Amazon QuickSight . -
Use EventBridge with Athena – Amazon EventBridge delivers a near real-time stream of system events that describe changes in Amazon resources. EventBridge becomes aware of operational changes as they occur, responds to them, and takes corrective action as necessary, by sending messages to respond to the environment, activating functions, making changes, and capturing state information. Events are emitted on a best effort basis. For more information, see Getting started with Amazon EventBridge in the Amazon EventBridge User Guide.
-
Use workgroups to separate users, teams, applications, or workloads, and to set query limits and control query costs – You can view query-related metrics in Amazon CloudWatch, control query costs by configuring limits on the amount of data scanned, create thresholds, and trigger actions, such as Amazon SNS alarms, when these thresholds are breached. For more information, see Use workgroups to control query access and costs. Use resource-level IAM permissions to control access to a specific workgroup. For more information, see Use IAM policies to control workgroup access and Use CloudWatch and EventBridge to monitor queries and control costs.