Logging and Monitoring in Amazon AppStream 2.0

Monitoring is an important part of maintaining the reliability, availability, and performance of Amazon AppStream 2.0. This topic describes the services and tools that AWS provides for monitoring your AppStream 2.0 resources and responding to potential incidents.

Amazon CloudWatch Alarms

Amazon CloudWatch alarms let you watch a single metric over a time period that you specify. If the metric exceeds a given threshold, a notification is sent to an Amazon Simple Notification Service topic or AWS Auto Scaling policy. CloudWatch alarms do not invoke actions that are in a particular state. Instead, the state must have changed and been maintained for a specified number of periods. For more information, see Monitoring Amazon AppStream 2.0 Resources.

Note

AppStream 2.0 currently can't be configured as a target for CloudWatch Events. For a list of services that you can configure as targets for CloudWatch events, see What Is Amazon CloudWatch Events.

AWS CloudTrail

AWS CloudTrail provides a record of actions taken by a user, role, or an AWS service in AppStream 2.0. This record lets you determine the request that was made to AppStream 2.0, the IP address from which the request was made, who made the request, when it was made, and additional details. For more information, see Logging AppStream 2.0 API Calls with AWS CloudTrail.

AWS Trusted Advisor

AWS Trusted Advisor inspects your AWS environment and then recommends ways to save money, improve system availability and performance, or help close security gaps. Trusted Advisor uses best practices collected from a wide variety of AWS customers. All AWS customers have access to five Trusted Advisor checks. If you have a Business or Enterprise support plan, you can view all Trusted Advisor checks.

When you enable application settings persistence or home folders for your users, the data that is generated by your users is stored in Amazon S3 buckets. Trusted Advisor contains the following checks related to Amazon S3:

Logging configuration of Amazon S3 buckets.
Security checks for Amazon S3 buckets that have open access permissions.
Fault tolerance checks for Amazon S3 buckets that don't have versioning enabled, or have versioning suspended.

For more information, see AWS Trusted Advisor in the AWS Support User Guide.

Amazon S3 Access Logs

If your users have application settings data or home folders data stored in Amazon S3 buckets, consider viewing Amazon S3 server access logs to monitor access. These logs provide detailed records about requests that are made to a bucket. Server access logs are useful for many applications. For example, access log information can be useful in security and access audits. For more information, see Amazon S3 Server Access Logging in the Amazon Simple Storage Service User Guide.

AppStream 2.0 Usage Reports

You can subscribe to AppStream 2.0 usage reports to receive detailed reports about how your users are using the service. The reports include how long users stream and which applications they launch. For more information, see AppStream 2.0 Usage Reports.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Access to Applications and Scripts on Streaming Instances

Compliance Validation