Skip to main content
Skip table of contents

(LRCloud Only) Configure AWS CloudWatch Alarms Using Cloud to Cloud

Amazon CloudWatch is a monitoring service for AWS cloud resources and the applications that run on AWS. You can use Amazon CloudWatch to collect and track metrics, collect and monitor log files, and set alarms. Amazon CloudWatch can monitor AWS resources such as Amazon EC2 instances, Amazon DynamoDB tables, and Amazon RDS DB instances, as well as custom metrics generated by your applications and services. This document explains how to configure the collection of CloudTrail events using the web console's cloud to cloud functionality. This is available to LRCloud customers only.


Before you start to configure collection from AWS, you must ensure the following:

  • Customer is an LRCloud customer and has their environment hosted.
  • You have a valid AWS Access Key and Secret Access Key.

Initialize the Logs Source

  1. Log into the web console as an Restricted Administrator User.
  2. On the top navigation bar, click the Administration icon, and select Cloud Log Collection.
  3. At the top of the page, click New Log Source.
  4. Select the tile for AWS CloudWatch Alarms Sysmon Agent. 
    The Add AWS CloudWatch Alarms Log Source screen appears.
  5. Enter the following details:

    SettingDefault ValueDescription
    NameN/AEnter the name for this log source.
    DescriptionN/A(Optional) Enter a description for this log source.

    Enter the endpoint region code for the specific AWS CloudTrail S3 bucket (for example, us-east-1). For more information, refer to CloudTrail Regions and Endpoints.

    Access Key IDN/AEnter the AWS Access Key ID. for example, AKIAIOSFODNN7EXAMPLE
    Secret Key Access KeyN/A

    Enter the AWS Secret Access Key for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

    Collect CloudWatch AlarmstrueTo not collect Cloud Watch Alarms, set this value to false.
    Collect CloudWatch LogstrueTo not collect Cloud Watch Logs, set this value to false.
    CloudWatchLogGroupPrefixall log groupsSpecify which Log Groups you want to collect logs from.
  6. Click Save.

Using the information provided, a new active log source is created and accepted in the client console. Collection should start automatically within a couple of minutes.

The log source's host is the Platform Manager. However, it is recommended that a new host entity is created and the log source is moved to the new host.

For security purposes, the values entered are encrypted using LRCrypt.

Default Config Values for AWS CloudWatch Alarms Log Source

SettingDefault Value
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.