Guided configuration

Before you begin, you’ll need: Metricbeat 7

Set up your IAM user

You’ll need an IAM user with these permissions: cloudwatch:GetMetricData, cloudwatch:ListMetrics, ec2:DescribeInstances, ec2:DescribeRegions, iam:ListAccountAliases, sts:GetCallerIdentity

If you don’t have one, set that up now.

Create an Access key ID and Secret access key for the IAM user, and paste them in your text editor.

You’ll need these for your Metricbeat configuration later.

Get your metrics region

You’ll need to specify the AWS region you’re collecting metrics from.

AWS region menu

Find your region’s slug in the region menu (in the top menu, on the right side).

For example: The slug for US East (N. Virginia) is “us-east-1”, and the slug for Canada (Central) is “ca-central-1”.

Paste your region slug in your text editor. You’ll need this for your Metricbeat configuration later.

Download the certificate

For HTTPS shipping, download the public certificate to your certificate authority folder.

sudo wget -P /etc/pki/tls/certs/
(Optional) Disable the system module

By default, Metricbeat ships system metrics from its host. If you don’t need these metrics, disable the system module:

sudo metricbeat modules disable system
Configure Metricbeat

If you’re working with the default configuration file, (/etc/metricbeat/metricbeat.yml). clear the contents and start with a fresh file.

This code block lays out the default options for collecting metrics from EC2. Paste the code block. You can adjust it to match your AWS environment.

# ...
metricbeat.config.modules.path: ${path.config}/modules.d/*.yml
- period: 300s # Must be multiples of 60
  module: aws
    - ec2
  access_key_id: <<YOUR-ACCESS-KEY-ID>>
  secret_access_key: <<YOUR-SECRET-KEY>>
  default_region: <<YOUR-AWS-REGION>
Add to the configuration

If information isn’t in the file, set it now.

Metricbeat can have one output only, so remove any other output entries.

Replace <<SHIPPING-TOKEN>> with the token of the account you want to ship to.

Replace <<LISTENER-HOST>> with your region’s listener host (for example, For more information on finding your account’s region, see Account region.

# ...
  logzio_codec: json
  token: <<SHIPPING-TOKEN>>
fields_under_root: true
ignore_older: 3hr
type: aws_metrics

#. output
  hosts: ["<<LISTENER-HOST>>:5015"]
  ssl.certificate_authorities: ['/etc/pki/tls/certs/COMODORSADomainValidationSecureServerCA.crt']
Start Metricbeat

Start or restart Metricbeat for the changes to take effect.

Check for your metrics

Give your metrics a few minutes to get from your system to ours, and then open

You can view your metrics on the AWS EC2 dashboard in Grafana. Just click > Manage in the left menu, then click Dashboards > AWS EC2.