AWS — Difference between CloudTrail and CloudWatch

Salonix__
2 min read · Mar 23, 2021

CloudTrail:

AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. With CloudTrail, you can log, continuously monitor, and retain account activity related to actions across your AWS infrastructure. In short, CloudTrail answers "Who did what on AWS?": it records the API calls made to AWS services, together with the identity that made each call, the source IP address, and the time.

You can get a history of the events/API calls made within your account, regardless of whether they were made through the:

  • Console
  • SDK
  • CLI
  • AWS services

In simple words: if a resource has been deleted and you want to know who deleted it and from where, check CloudTrail.

It has three types of events:

  1. Management Events: control-plane operations performed on the resources in your AWS account, such as creating a VPC, attaching an IAM policy, or deleting an S3 bucket. These are logged by default.
  2. Data Events: high-volume, resource-level operations, e.g. S3 object-level activity (GetObject, PutObject) or Lambda function invocations. They are not logged by default; you enable them per trail and they are billed separately.
  3. CloudTrail Insights Events: enable CloudTrail Insights to detect unusual activity in your AWS account. It analyzes normal management events to create a baseline and then continuously analyzes write events to detect unusual patterns, such as a sudden burst of API calls.

CloudWatch:

Amazon CloudWatch is a monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. CloudWatch provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health. In short, CloudWatch answers "What is happening in AWS?": it collects the metrics and logs of a particular service so you can watch its behaviour over time and react when something is wrong.

CloudWatch has four basic components:

  1. CloudWatch Metrics: monitor the performance of AWS services (CPU, latency, error counts, and so on) as well as billing metrics.
  2. CloudWatch Alarms: automate a response when a metric crosses a threshold, e.g. perform an EC2 action (stop, terminate, recover) or notify an SNS topic.
  3. CloudWatch Logs: collect log files from EC2 instances, on-premises servers, and Lambda functions; metric filters can turn matching log lines into metrics, which alarms can then watch.
  4. CloudWatch Events (now Amazon EventBridge): react to events on AWS, such as resource state changes or scheduled rules.
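The two halves of this comparison meet in practice: CloudTrail produces the record of who called which API, and CloudWatch Logs metric filters and alarms turn those records into something you can be paged on. The Python below is an added example written for this page (not code from the original post or from AWS). It uses a handful of constructed CloudTrail records (fictional account 123456789012, users alice and bob, bucket finance-reports, RFC 5737 test IP addresses) to show the CloudTrail event types listed above (who did what, management vs. data events) and the CloudWatch metric filter plus alarm chain listed here. The filter pattern it mirrors is the unauthorized-API-calls pattern from the CIS AWS Foundations Benchmark; the alarm evaluation is a simplified model of how CloudWatch evaluates an alarm, not the real service.

```python
"""Added example (not from the original post): CloudTrail records -> CloudWatch Logs
metric filter -> alarm, run over constructed sample data. Account id, user names,
bucket name, IPs and timestamps are all fictional."""
from collections import Counter
from datetime import datetime, timezone
import fnmatch
import json


def _rec(time, source, name, user, ip, category="Management", error=None, **params):
    """Build one constructed CloudTrail record in the documented event layout."""
    r = {"eventTime": time, "eventSource": source, "eventName": name,
         "awsRegion": "us-east-1", "sourceIPAddress": ip, "eventCategory": category,
         "userIdentity": {"type": "IAMUser", "userName": user,
                          "arn": f"arn:aws:iam::123456789012:user/{user}"},
         "requestParameters": params}
    if error:
        r["errorCode"] = error
    return r


# Constructed sample of what a CloudTrail log file (or the CloudWatch Logs stream
# a trail delivers to) contains. alice deletes a bucket and reads an object;
# bob repeatedly tries things he is not allowed to do.
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2021-03-23T10:00:05Z", "s3.amazonaws.com", "DeleteBucket", "alice",
         "203.0.113.7", bucketName="finance-reports"),
    _rec("2021-03-23T10:00:09Z", "s3.amazonaws.com", "GetObject", "alice",
         "203.0.113.7", category="Data", bucketName="finance-reports", key="q1.csv"),
    _rec("2021-03-23T10:01:10Z", "ec2.amazonaws.com", "TerminateInstances", "bob",
         "198.51.100.23", error="Client.UnauthorizedOperation",
         instancesSet={"items": [{"instanceId": "i-0abc"}]}),
    _rec("2021-03-23T10:01:30Z", "iam.amazonaws.com", "CreateUser", "bob",
         "198.51.100.23", error="AccessDenied", userName="backdoor"),
    _rec("2021-03-23T10:07:00Z", "iam.amazonaws.com", "ListUsers", "bob",
         "198.51.100.23", error="AccessDenied"),
]})


def load_records(log_text):
    return json.loads(log_text)["Records"]


def who_did_what(records, event_name):
    """CloudTrail's question: who issued this API call, from where, against what?"""
    hits = []
    for r in records:
        if r["eventName"] != event_name:
            continue
        params = r.get("requestParameters") or {}
        hits.append({
            "when": r["eventTime"],
            "who": r["userIdentity"].get("arn", r["userIdentity"]["type"]),
            "from": r["sourceIPAddress"],
            "what": f'{r["eventSource"]}:{r["eventName"]}',
            "on": params.get("bucketName") or params.get("userName") or "",
            "succeeded": "errorCode" not in r,   # failed calls carry an errorCode
        })
    return hits


def count_by_category(records):
    """Management vs Data (vs Insight), as tagged in the eventCategory field."""
    return Counter(r.get("eventCategory", "Management") for r in records)


# Same matching as the CloudWatch Logs metric filter pattern
#   { ($.errorCode = "*UnauthorizedOperation") || ($.errorCode = "AccessDenied*") }
# used for the "unauthorized API calls" check in the CIS AWS Foundations Benchmark.
UNAUTHORIZED_PATTERNS = ("*UnauthorizedOperation", "AccessDenied*")


def matches_unauthorized_filter(record):
    code = record.get("errorCode", "")
    return any(fnmatch.fnmatchcase(code, p) for p in UNAUTHORIZED_PATTERNS)


def metric_datapoints(records, period_seconds=300):
    """What the metric filter publishes: a count of matching records per period,
    bucketed by eventTime. Periods with no matches produce no datapoint."""
    counts = Counter()
    for r in records:
        if matches_unauthorized_filter(r):
            ts = datetime.strptime(r["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
            ts = ts.replace(tzinfo=timezone.utc)
            bucket = int(ts.timestamp()) // period_seconds * period_seconds
            counts[bucket] += 1
    return dict(sorted(counts.items()))


def alarm_state(datapoints, threshold=1, evaluation_periods=1):
    """Simplified CloudWatch alarm: ALARM when the last N datapoints all reach the
    threshold (the benchmark alarm is 'Sum >= 1 over one 5-minute period')."""
    values = list(datapoints.values())[-evaluation_periods:]
    if len(values) < evaluation_periods:
        return "INSUFFICIENT_DATA"
    return "ALARM" if all(v >= threshold for v in values) else "OK"


if __name__ == "__main__":
    recs = load_records(SAMPLE_LOG)
    print("CloudTrail - who deleted the bucket?", who_did_what(recs, "DeleteBucket"))
    print("Event categories:", count_by_category(recs))
    dps = metric_datapoints(recs)
    print("CloudWatch metric datapoints (5 min periods):", dps)
    print("Alarm state:", alarm_state(dps))
```

Run it as-is; no AWS credentials are needed. In a real account the equivalent wiring is a trail that delivers to a CloudWatch Logs log group, a metric filter with that pattern on the group, and an alarm with threshold >= 1 on the resulting metric that notifies an SNS topic. Note that data events (the GetObject record above) only appear in the first place if you enabled them on the trail.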

I hope you found this short comparison useful. Give it a thumbs up.