# CloudWatch Monitoring Setup - ArveloBuilt CRM **Date:** December 27, 2025 **Status:** ✅ Configured ## Overview CloudWatch monitoring has been configured for ArveloBuilt CRM with comprehensive logging, alarms, and alerting. ## Tags Applied All CloudWatch resources are tagged with: - **Project:** ArveloBuilt - **Environment:** Production - **Application:** CRM ## Log Groups Created 1. `/aws/ec2/arvelobuilt/apache/access` - Apache access logs 2. `/aws/ec2/arvelobuilt/apache/error` - Apache error logs 3. `/aws/ec2/arvelobuilt/php/application` - PHP application logs 4. `/aws/ec2/arvelobuilt/php/error` - PHP error logs 5. `/aws/ec2/arvelobuilt/security/audit` - Security and audit logs **Retention:** 30 days for all log groups ## CloudWatch Alarms Created 1. **arvelobuilt-high-error-rate** - Metric: ErrorCount (Apache errors) - Threshold: >10 errors per 5 minutes - Action: SNS alert 2. **arvelobuilt-failed-logins** - Metric: FailedLoginAttempts - Threshold: >20 per minute - Action: SNS alert 3. **arvelobuilt-db-connection-errors** - Metric: DatabaseConnectionErrors - Threshold: >5 per 5 minutes - Action: SNS alert 4. **arvelobuilt-high-cpu** (if EC2 instance found) - Metric: CPUUtilization - Threshold: >80% for 10 minutes - Action: SNS alert 5. **arvelobuilt-high-memory** (if EC2 instance found) - Metric: mem_used_percent - Threshold: >80% for 10 minutes - Action: SNS alert ## SNS Topic **Topic Name:** `arvelobuilt-alerts` To subscribe to alerts: ```bash aws sns subscribe \ --topic-arn \ --protocol email \ --notification-endpoint your-email@example.com \ --region us-east-1 ``` ## Next Steps 1. **Subscribe to SNS Topic** - Add your email to receive alerts 2. **Configure CloudWatch Log Agent** - Install and configure agent on EC2 instance to send logs 3. **Test Alarms** - Verify alerts are working by triggering test conditions 4. **Set up Log Shipping** - Configure Apache and PHP to send logs to CloudWatch ## Log Agent Configuration To send logs from EC2 to CloudWatch, install the CloudWatch Log Agent: ```bash # On EC2 instance sudo yum install amazon-cloudwatch-agent -y # Configure agent (create config file) sudo nano /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json ``` Example configuration: ```json { "logs": { "logs_collected": { "files": { "collect_list": [ { "file_path": "/var/log/httpd/access_log", "log_group_name": "/aws/ec2/arvelobuilt/apache/access", "log_stream_name": "{instance_id}" }, { "file_path": "/var/log/httpd/error_log", "log_group_name": "/aws/ec2/arvelobuilt/apache/error", "log_stream_name": "{instance_id}" }, { "file_path": "/var/log/php/application.log", "log_group_name": "/aws/ec2/arvelobuilt/php/application", "log_stream_name": "{instance_id}" } ] } } } } ``` Start the agent: ```bash sudo systemctl start amazon-cloudwatch-agent sudo systemctl enable amazon-cloudwatch-agent ``` ## Monitoring Dashboard Create a CloudWatch dashboard to visualize metrics: - Error rates - Login attempts - Database connections - CPU/Memory usage - Request rates ## Cost Estimate - **Log Storage:** ~$0.50/GB/month (first 5GB free) - **Log Ingestion:** ~$0.50/GB (first 5GB free) - **Alarms:** $0.10/alarm/month (first 10 free) - **SNS:** $0.50 per 100,000 notifications **Estimated Monthly Cost:** $5-10/month