Amazon CloudWatch is a native AWS monitoring tool for AWS programs. It provides data collection and resource monitoring capabilities.
$0
per canary run
AWS Security Hub
Score 9.0 out of 10
N/A
AWS Security Hub gives users a comprehensive view of your high-priority security alerts and security posture across AWS accounts. With Security Hub, users have a single place that aggregates, organizes, and prioritizes security alerts, or findings, from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS Identity and Access Management (IAM) Access Analyzer, and AWS Firewall Manager, as well as from AWS Partner solutions.
N/A
Pricing
Amazon CloudWatch
AWS Security Hub
Editions & Modules
Canaries
$0.0012
per canary run
Logs - Analyze (Logs Insights queries)
$0.005
per GB of data scanned
Over 1,000,000 Metrics
$0.02
per month
Contributor Insights - Matched Log Events
$0.02
per month per one million log events that match the rule
Logs - Store (Archival)
$0.03
per GB
Next 750,000 Metrics
$0.05
per month
Next 240,000 Metrics
$0.10
per month
Alarm - Standard Resolution (60 Sec)
$0.10
per month per alarm metric
First 10,000 Metrics
$0.30
per month
Alarm - High Resolution (10 Sec)
$0.30
per month per alarm metric
Alarm - Composite
$0.50
per month per alarm
Logs - Collect (Data Ingestion)
$0.50
per GB
Contributor Insights
$0.50
per month per rule
Events - Custom
$1.00
per million events
Events - Cross-account
$1.00
per million events
CloudWatch RUM
$1
per 100k events
Dashboard
$3.00
per month per dashboard
CloudWatch Evidently - Events
$5
per 1 million events
CloudWatch Evidently - Analysis Units
$7.50
per 1 million analysis units
No answers on this topic
Offerings
Pricing Offerings
Amazon CloudWatch
AWS Security Hub
Free Trial
Yes
No
Free/Freemium Version
Yes
No
Premium Consulting/Integration Services
No
No
Entry-level Setup Fee
No setup fee
No setup fee
Additional Details
With Amazon CloudWatch, there is no up-front commitment or minimum fee; you simply pay for what you use. You will be charged at the end of the month for your usage.
—
More Pricing Information
Community Pulse
Amazon CloudWatch
AWS Security Hub
Considered Both Products
Amazon CloudWatch
Verified User
Anonymous
Chose Amazon CloudWatch
We use Cloudwatch for simpler monitoring, but these metrics and logs often feed into bigger ecosystems across our organization. The metrics and logs in Cloudwatch allow our developers quick and easy access to the data they need whilst easily integrating the same data into more …
Grafana is definitely a lot better and flexible in comparison with Amazon CloudWatch for visualisation, as it offers much more options and is versatile. VictoriaMetrics and Prometheus are time-series databases which can do almost everything cloudwatch can do in a better and …
In comparison to its competitors, Amazon CloudWatch is efficient, reliable, and has a fast response time, and it maximizes an application's life while also providing the best load balance and storage. The services that Amazon CloudWatch provides are far better and cheaper for …
We have also tested with SolarWinds NPM, and Zoho Monitors. They seemed to work fine and setup was not as involved as Amazon services, JSON, etc. However, the issue of upgrades made the other solutions incur more downtime overall for maintenance and software upgrades via the …
I think there is no alternative of [Amazon] CloudWatch service. However it provides lot of glue points which you can use to show different metrics, trigger events and update your dashboards.
I believe that CloudWatch is a better solution to use with AWS services and resources in terms of cost and ease of integration with AWS infrastructure services. But keep in mind that Elasticsearch is better at aggregating application-level metrics. We chose CloudWatch because of …
We found that CloudWatch is the best solution to use with AWS services in terms of cost and ease of integration with AWS infrastructure services. While Elasticsearch is better at aggregating application-level metrics, CloudWatch wins out in its capabilities to tightly integrate …
CloudWatch is the minimum viable product that is used as your baseline. Once you graduate beyond the basic needs, there is a wide range of tools from other AWS partners that go well above and beyond. However the cost of those tools is typically considerably more.
We thought about using Logstash for capturing our data. But we encountered several configuration issues, so as I mentioned before, if you're using AWS, the best way to do this is using the service they offer, as you don't encounter configuration problems. This is why I consider …
I think Amazon has put more efforts to develop AWS CloudWatch features to monitor each kind of AWS service you can use instead of Dynatrace One Agent that just can monitor some variables of Computing services and FaaS, unless Dynatrace One Agent integration with AWS CloudWatch …
Out of the box monitoring which compliments workloads implemented from infrastructure as code so we have standardized metrics across all our monitoring for our AWS workloads. Also incredibly easy to implement via the console which can be done in minutes oppose to hours of …
We choose Amazon CloudWatch because, first, we use AWS and we need a monitoring tool. That is why we considered CloudWatch as soon as we started deploying AWS services to our company. Second, CloudWatch is a great, handy tool to monitor our services. Its strength is obvious …
Currently, we only tried and used Cloud Watch, but for AWS it is perfect. Since this is an Amazon product monitoring Amazon services, integration is great. If we decide in the future to move away from AWS, we would reconsider changing alarm monitoring. AWS can be costly …
Amazon CloudWatch is fully integrated into your existing AWS account, and provides easy hooks into several different services to make a cohesive infrastructure. Unfortunately, using other services will not allow you to get into the weeds to do everything Amazon CloudWatch can …
CloudWatch is incredibly cheap compared to new relic and much more intuitive and easy to use than Nagios. It requires no setup, expertise, or otherwise extensive knowledge to use.
We used to use Miscosoft Azure, however when we came across Amazon CloudWatch, and all the features it can provide, it seemd no brainer to switch. We transitioned from Azure to CloudWatch within 2 years of using Azure, And may not go back. Hopefully Amazon will keep adding more …
Amazon CloudWatch is great in terms of the CloudWatch Logs feature, it integrates easily with other AWS services (CloudFormation, S3, Lambda, etc.) and is reasonably low cost, so it was a no-brainer for that area. For alerting, CloudWatch didn't offer much in the way of …
I feel that CloudWatch will always remain the backbone of log analytics, events, and alarms. However, we can use other products in conjunction with it for better log analytics and monitoring. In my organization, we also ingest logs from CloudWatch to Splunk and ELK. This way we …
AWS Security Hub is it's own unique program that I have used. I haven't used anything similar to it and it was worth it to try out. However, for those that want to keep for long, it will be very heavy in term of budget and resource that they have to provide.
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like …
The GuardDuty and Inspector components have been invaluable for us. We don't use all of AWS Security Hub because we're comfortable with the our other tooling which we use for other aspect of our IT operations.
If you use any AWS services, CloudWatch is the natural choice to monitor & troubleshoot your workload. Thankfully, for most AWS services, CloudWatch is either built-in or very easy to set up. However, being proficient in browsing & tracking the log events would take some training & practice. Having some experienced people on the team would help immensely, especially in spreading the skill to the rest of the team.
AWS Security Hub is mainly for protecting your software, video games, web application, etc... from external digital threats. This is a must for all software out there that can afford it. This also require a decent amount of resources to mitigate problems so that the monitoring page isn't overloaded. So overall, a large amount of budget and manpower is required to maintain this product.
It provides lot many out of the box dashboard to observe the health and usage of your cloud deployments. Few examples are CPU usage, Disk read/write, Network in/out etc.
It is possible to stream CloudWatch log data to Amazon Elasticsearch to process them almost real time.
If you have setup your code pipeline and wants to see the status, CloudWatch really helps. It can trigger lambda function when certain cloudWatch event happens and lambda can store the data to S3 or Athena which Quicksight can represent.
Memory metrics on EC2 are not available on CloudWatch. Depending on workloads if we need visibility on memory metrics we use Solarwinds Orion with the agent installed. For scalable workloads, this involves customization of images being used.
Visualization out of the box. But this can easily be addressed with other solutions such as Grafana.
By design, this is only used for AWS workloads so depending on your environment cannot be used as an all in one solution for your monitoring.
Not easy to read past data, especially once it moves into Glacier deep storage
performance is somewhat sluggish ... other systems are much faster to analyze data
Doesn't always provide a remediation solution or suggested fix like other 3rd party tools like Qualys.
It's hard to get the initial configuration and enrollment completed as there's a lot of manual intervention for every configured rule that needs to be enabled
Although the tool itself is easy to integrate and is readily available for use, it has its limitations. The key limitations of cloudwatch are with respect to cost incurred on log retention and log querying. While for key use cases this is sufficient, for more advanced use cases, Amazon CloudWatch doesn't work out. Also, obviously it is tightly coupled with AWS, which makes you look away if you need a single tool for all monitoring
AWS always good with usability and same here for AWS Security Hub. A lot of good documentation is available to read and configure your own. We also started with looking at the videos and documentation to configure automation for our compliance checks. And to configure there are very less steps to be followed which is a very good thing for faster configuration.
Support is effective, and we were able to get any problems that we couldn't get solved through community discussion forums solved for us by the AWS support team. For example, we were assisted in one instance where we were not sure about the best metrics to use in order to optimize an auto-scaling group on EC2. The support team was able to look at our metrics and give a useful recommendation on which metrics to use.
We use Cloudwatch for simpler monitoring, but these metrics and logs often feed into bigger ecosystems across our organization. The metrics and logs in Cloudwatch allow our developers quick and easy access to the data they need whilst easily integrating the same data into more prominent platforms for wider analysis, including Service desk support, SecOps, and ITOps monitoring within the organization.
AWS stacks up very similarly to Splunk but being that it's an AWS tool it is better able to natively monitor our AWS footprint, unlike splunk which requires an appliance and / or forwarding agent for it to work properly. The same can be said about some other tools like Dynatrace. Dynatrace has a much more pleasant user interface that the senior management seems to like more, but AWS Security Hub has better options, a more straightforward rules engine and is less expensive than both Splunk and Dynatrace