I want to configure CloudWatch for my Amazon EC2 Windows instance using Amazon EC2 Systems Manager Run Command. How can I do this?

You can route log files from your operating system, applications, and custom logs to CloudWatch. These logs can be used for storage and for monitoring incoming events, and you can view the results as CloudWatch metrics. You can also use EC2 Systems Manager to configure CloudWatch with Windows event logs, application logs, and system logs.

Amazon EC2 instances send data logs to CloudWatch using either the EC2Config service or the EC2 Systems Manager (SSM) agent, based on the agent and OS version.

Windows Server 2016

SSM agent

The EC2Config service is not supported on Windows Server 2016.


Windows Server 2008-2012 R2

EC2Config or SSM agent

If your instance is running EC2Config version 3.x or earlier, the EC2Config service sends log data to CloudWatch. If your instance is running EC2Config version 4.x or later, SSM Agent sends log data to CloudWatch.


To configure CloudWatch using EC2 Systems Manager, follow these instructions:

  1. Verify that you have completed the prerequisites; see Preliminary Tasks for Configuring Integration with CloudWatch.
  2. Update to the latest version of the SSM Agent; see Example: Update the SSM Agent.
  3. Download the JSON template from the AWS S3 repository and configure it for your specific region and log groups; see Configure the JSON File for CloudWatch.
  4. Open the Amazon EC2 console. In the navigation pane, expand SYSTEMS MANAGER SERVICES, choose Run Command, and then choose Run a command.
  5. In the Name field, choose AWS-ConfigureCloudWatch and ensure Status is set to Enabled.
    Note: AWS-ConfigureCloudWatch logs are for Windows instance types only.
  6. Choose Run; it should return Success.

Your Windows instance should now be configured for CloudWatch.

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2017-07-07