Create a Web server instance, configure Cloudwatch to collect the system log of the Web server, and trigger an alarm when the number of incorrect logons reaches a set value
1. Create a Web Server
1.1 Creating an IAM policy
1.2 Creating an IAM role
1.3 Creating a security group
1.4 Creating a Web Server
2. Define Cloudwatch logs threshold value
2.1 Confirm Cloudwatch Logs Agent is running
2.2 Creating Cloudwatch Logs indicator filters
2.3 Defining a Cloudwatch alarm
Attempts to log webserver instances multiple times with an incorrect password, triggering an alert
3. Generate a Cloudwatch custom indicator for EC2 instances
3.1 Landing to webserver
3.2 Configuring the AWS CLI
3.3 Generating IIS Memory usage
3.3.1 Get current memory usage for W3wp.exe process
Access http://localhost/in the browser on the webserver
$memUsed = Get-wmiobject win32_process-computername $env: ComputerName | where Commandline-match "w3wp" | ForEach {"{0}"-F $_. VM} | Measure-object-sum | Select-expandproperty sum$memused
3.3.2 getting the Instanceid of the current instance
$instanceId = (New-object net.webclient). Downloadstring (' Http://169.254.169.254/latest/meta-data/instance-id ')
3.3.3 Creating Cloudwatch Custom Metrics
AWS Cloudwatch Put-metric-data--namespace httpservermetrics--metric-name httpservermemutilization--dimension instanceid= $instanceId--value $memUsed--unit "kilobytes"
3.3.4 checking the custom indicators of Cloudwatch
System Operations on Aws-lab 4w-monitoring (Windows)