Logging and Monitoring - Amazon IoT Core

Logging and Monitoring

Monitoring is an important part of maintaining the reliability, availability, and performance of Amazon IoT and your Amazon solutions. You should collect monitoring data from all parts of your Amazon solution so that you can more easily debug a multi-point failure, if one occurs. For information on logging and monitoring procedures, see Monitoring Amazon IoT.

Monitoring Tools

Amazon provides tools that you can use to monitor Amazon IoT. You can configure some of these tools to do the monitoring for you. Some of the tools require manual intervention. We recommend that you automate monitoring tasks as much as possible.

Automated Monitoring Tools

You can use the following automated monitoring tools to watch Amazon IoT and report when something is wrong:

  • Amazon CloudWatch Alarms – Watch a single metric over a time period that you specify, and perform one or more actions based on the value of the metric relative to a given threshold over a number of time periods. The action is a notification sent to an Amazon Simple Notification Service (Amazon SNS) topic or Amazon EC2 Auto Scaling policy. CloudWatch alarms do not invoke actions simply because they are in a particular state. The state must have changed and been maintained for a specified number of periods. For more information, see Monitor Amazon IoT alarms and metrics using Amazon CloudWatch.

  • Amazon CloudWatch Logs – Monitor, store, and access your log files from Amazon CloudTrail or other sources. Amazon CloudWatch Logs also lets you see the critical steps that Amazon IoT Device Advisor test cases take, along with the generated events and the MQTT messages sent from your devices or Amazon IoT Core during test execution. These logs make it possible to debug and take corrective actions on your devices. For more information, see Monitor Amazon IoT using CloudWatch Logs. For more information about using Amazon CloudWatch, see Monitoring Log Files in the Amazon CloudWatch User Guide.

  • Amazon CloudWatch Events – Match events and route them to one or more target functions or streams to make changes, capture state information, and take corrective action. For more information, see What Is Amazon CloudWatch Events in the Amazon CloudWatch User Guide.

  • Amazon CloudTrail Log Monitoring – Share log files between accounts, monitor CloudTrail log files in real time by sending them to CloudWatch Logs, write log processing applications in Java, and validate that your log files have not changed after delivery by CloudTrail. For more information, see Logging Amazon IoT API calls using Amazon CloudTrail and also Working with CloudTrail Log Files in the Amazon CloudTrail User Guide.
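The CloudWatch Alarms item above says an action fires only when the alarm state changes after a breach has held for the configured number of periods. The following added example (not part of the original documentation) builds PutMetricAlarm parameters for the `Connect.AuthError` metric in the `AWS/IoT` namespace and runs a simplified local model of that rule over constructed datapoints; the alarm name, threshold, SNS topic ARN placeholder, and starting state of `OK` are assumptions.

```python
from collections import deque

def auth_error_alarm_params(sns_topic_arn, threshold=10, periods=3):
    """Keyword arguments for CloudWatch PutMetricAlarm, for example
    boto3.client("cloudwatch").put_metric_alarm(**params)."""
    return {
        "AlarmName": "iot-connect-auth-errors",  # hypothetical name
        "Namespace": "AWS/IoT",
        "MetricName": "Connect.AuthError",
        "Dimensions": [{"Name": "Protocol", "Value": "MQTT"}],
        "Statistic": "Sum",
        "Period": 60,                   # seconds per evaluation period
        "EvaluationPeriods": periods,
        "DatapointsToAlarm": periods,   # breach must hold in every period
        "Threshold": threshold,         # assumed value; tune to your fleet
        "ComparisonOperator": "GreaterThanThreshold",
        "TreatMissingData": "notBreaching",
        "AlarmActions": [sns_topic_arn],
    }

def simulate_actions(datapoints, params):
    """Simplified local model, starting in OK: return (index, new_state) for
    each state change. Actions run only on these transitions (AlarmActions on
    entering ALARM), never merely because the alarm stays in a state."""
    n = params["EvaluationPeriods"]
    window = deque(maxlen=n)            # breach flags for the last n periods
    state, transitions = "OK", []
    for i, value in enumerate(datapoints):
        window.append(value > params["Threshold"])
        breaching = len(window) == n and sum(window) >= params["DatapointsToAlarm"]
        new_state = "ALARM" if breaching else "OK"
        if new_state != state:
            transitions.append((i, new_state))
            state = new_state
    return transitions

# Constructed per-minute sums of Connect.AuthError (sample data, not real logs)
SAMPLE = [0, 25, 0, 12, 40, 31, 55, 2, 0]
# Placeholder ARN; substitute your own partition, Region, account, and topic
PARAMS = auth_error_alarm_params("arn:aws:sns:REGION:ACCOUNT_ID:TOPIC_NAME")

if __name__ == "__main__":
    print(simulate_actions(SAMPLE, PARAMS))
```

The isolated spike at index 1 and the two-period breach at indexes 3 and 4 trigger nothing; the notification is sent once, when the third consecutive breaching period completes.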

Manual Monitoring Tools

Another important part of monitoring Amazon IoT involves manually monitoring those items that the CloudWatch alarms don't cover. The Amazon IoT, CloudWatch, and other Amazon service console dashboards provide an at-a-glance view of the state of your Amazon environment. We recommend that you also check the log files on Amazon IoT.

  • Amazon IoT dashboard shows:

    • CA certificates

    • Certificates

    • Policies

    • Rules

    • Things

  • CloudWatch home page shows:

    • Current alarms and status.

    • Graphs of alarms and resources.

    • Service health status.

    You can use CloudWatch to do the following:

    • Create customized dashboards to monitor the services you care about.

    • Graph metric data to troubleshoot issues and discover trends.

    • Search and browse all your Amazon resource metrics.

    • Create and edit alarms to be notified of problems.