Amazon CloudWatch
Developer Guide (API Version 2010-08-01)
AWS Documentation » Amazon CloudWatch » Developer Guide » Introduction to Amazon CloudWatch » Choosing A CloudWatch Interface
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...
Filter View:

Choosing A CloudWatch Interface

Topics

You can access Amazon CloudWatch using several different interfaces—you can sign on to the AWS Management Console, download and install the command line interface (CLI), or create a query request with the query API. If you prefer to use a specific programming language, several Software Development Kits (SDKs) exist that allow you to access Amazon CloudWatch programmatically.

AWS Management Console

Topics

Use the Amazon CloudWatch console to view graphs of your metrics and create alarms based on those metrics. If you are registered with an AWS service that supports data collection, you could already have basic metric data available to you in Amazon CloudWatch.

Signing in to the Console

To sign in to the CloudWatch console

  1. Sign in to the AWS Management Console and open the Amazon CloudWatch console at https://console.aws.amazon.com/cloudwatch/.

    The monitoring dashboard opens. Your dashboard might look something like the following:

    Console Dashboard

    If you do not have any alarms, the Your Alarms section will have a Create Alarm button. Even if this is the first time you are using the Amazon CloudWatch console, the Your Metrics section could already report that you are using a significant number of metrics, because several AWS products push free metrics to Amazon CloudWatch automatically.

  2. If necessary, change the region. From the navigation bar, select the region that meets your needs. For more information, see Regions and Endpoints.

    region selector on the navigation bar

Viewing Your Metrics

You can view graphs of your metrics in the Metrics page.

To see graphs of your metrics

  1. In the navigation pane, click Metrics.

  2. In the upper pane, scroll down to the metric that you want to graph.

  3. Click the metric.

The following example shows the graph for the CPUUtilization metric, aggregated by EC2 Image ID.

Viewing Your Metrics

Creating Alarms

You can create an alarm in the Your CloudWatch Alarms page.

To create an alarm

  1. Open the Amazon CloudWatch console at https://console.aws.amazon.com/cloudwatch/.

  2. If necessary, change the region. From the navigation bar, select the region that meets your needs. For more information, see Regions and Endpoints.

    region selector on the navigation bar

  3. In the navigation pane, click Alarms.

  4. Click Create Alarm to open the Create Alarm Wizard.

    CloudWatch Console Create Alarm Button

    The Create Alarm Wizard leads you through the steps to create a new alarm. You can choose specific metrics to trigger the alarm and specify thresholds for those metrics. You can then set your alarm to change state when a metric breaches a threshold that you have defined. For an example of how to create an alarm for a specific metric, see Creating CloudWatch Alarms.

Command Line Interface (CLI)Tools

Topics

The following sections describe how to set up your environment for use with the Amazon CloudWatch command line interface (CLI).

Installing the CLI

This section describes how to set up the Amazon CloudWatch CLI.

Process for Installing the CLI

Step 1: Download the CLI

Step 2: Set the JAVA_HOME Environment Variable

Step 3: Set the AWS_CLOUDWATCH_HOME Environment Variable

Step 4: Set the AWS_CREDENTIAL_FILE Environment Variable

Step 5: Set the Region


Note

As a convention, command line text is prefixed with a generic PROMPT> command line prompt. The actual command line prompt on your computer is likely to be different. We also use $ to indicate a Linux/UNIX–specific command and C:\> for a Windows–specific command. Although we don't provide explicit instructions, the tool also works correctly on Mac OS X (which resemble the Linux and UNIX commands). The example output resulting from the command is shown immediately thereafter without any prefix.

Step 1: Download the CLI

The CLI is written in Java and includes shell scripts for both Windows and Linux/UNIX/Mac OSX.

To install the Amazon CloudWatch CLI

  1. Download the CLI from Amazon CloudWatch Tools.

  2. Save and unpack the Amazon CloudWatch archive to a convenient location on your workstation.

Step 2: Set the JAVA_HOME Environment Variable

The Amazon CloudWatch CLI reads an environment variable (JAVA_HOME) on your computer to locate the Java runtime. The CLI requires Java version 5 or later to run. Either a JRE or JDK installation is acceptable.

To set the JAVA_HOME Environment Variable

  1. At a command prompt, enter the command java -version to determine the version of Java installed on your workstation.

  2. If you do not have version 1.5 or newer, download and install a newer version from http://www.java.com.

  3. Set JAVA_HOME environment variable to point to your Java installation. For example, if your Java executable is in the /usr/jdk/bin directory, set JAVA_HOME to /usr/jdk. If your Java executable is in C:\jdk\bin, set JAVA_HOME to C:\jdk.

    Note

    If you are using Cygwin, you must use Linux/UNIX paths (e.g., /usr/bin instead of C:\usr\bin) for AWS_CLOUDWATCH_HOME and AWS_CREDENTIAL_FILE. However, JAVA_HOME should have a Windows path. Additionally, the value cannot contain any spaces, even if the value is quoted or the spaces are escaped.

    The following Linux/UNIX example shows how to set the JAVA_HOME for a Java executable in the /usr/local/jre/bin directory. 

    $ export JAVA_HOME=/usr/local/jre

    The following Windows example shows how to use the set and setx commands to set JAVA_HOME for a Java executable in the C:\java\jdk1.6.0_6\bin directory. The set command defines JAVA_HOME for the current session and setx makes the change permanent. 

    C:\> set JAVA_HOME=C:\java\jdk1.6.0_6
C:\> setx JAVA_HOME C:\java\jdk1.6.0_6

    Note

    Don't include the bin directory in JAVA_HOME; the CLI won't work if you do.

  4. Add your Java directory to your path before other versions of Java.

    On Linux and UNIX, you can update your PATH as follows: 

    $ export PATH=$JAVA_HOME/bin:$PATH

    Note

    The export command applies only to the current shell session. To permanently create or update an environment variable, include the command in a start-up script. For example, if you use Bash shell, you can include commands in your ~/.bashrc or /etc/profile file.

    On Windows, you can update your PATH as follows. The set command makes the change temporary. To make the change permanent, use the setx command:

    C:\> set PATH=%JAVA_HOME%\bin;%PATH% 
C:\> setx PATH %JAVA_HOME%\bin;%PATH%

    Note

    The setx command does not use the "=" sign.

  5. Verify your JAVA_HOME setting with the command $JAVA_HOME/bin/java -version. 

    $ $JAVA_HOME/bin/java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) Client VM (build 20.8-b03, mixed mode, sharing)

    The syntax is different on Windows, but the output is similar. 

    C:\> %JAVA_HOME%\bin\java -version
java version "1.6.0_33"
Java(TM) SE Runtime Environment (build 1.6.0_33-b03)
Java HotSpot(TM) Client VM (build 20.8-b03, mixed mode, sharing)

Step 3: Set the AWS_CLOUDWATCH_HOME Environment Variable

The CLI depends on an environment variable (AWS_CLOUDWATCH_HOME) to locate supporting libraries. You'll need to set this environment variable before you can use the tool.

To set the AWS_CLOUDWATCH_HOME Environment Variable

  1. Set AWS_CLOUDWATCH_HOME to the path of the directory into which you unzipped the CLI. This directory is named -w.x.y.z (w, x, y, and z are version/release numbers) and contains sub-directories named bin and lib.

    The following Linux/UNIX example sets AWS_CLOUDWATCH_HOME for a directory named -1.0.12.0 in the /usr/local directory. 

    $ export AWS_CLOUDWATCH_HOME=/usr/local/-1.0.12.0

    The following Windows example sets AWS_CLOUDWATCH_HOME for a directory named -1.0.12.0 in the C:\CLIs directory. 

    C:\> set AWS_CLOUDWATCH_HOME=C:\CLIs\-1.0.12.0 
C:\> setx AWS_CLOUDWATCH_HOME C:\CLIs\-1.0.12.0

  2. Add the tool's bin directory to your system PATH. The rest of this guide assumes that you've done this.

    On Linux and UNIX, you can update your PATH as follows: 

    $ export PATH=$PATH:$AWS_CLOUDWATCH_HOME/bin

    On Windows the syntax is slightly different: 

    C:\> set PATH=%PATH%;%AWS_CLOUDWATCH_HOME%\bin 
C:\> setx PATH %PATH%;%AWS_CLOUDWATCH_HOME%\bin

Step 4: Set the AWS_CREDENTIAL_FILE Environment Variable

You must also provide your AWS credentials to the CLI. The CLI reads your credentials from a credential file that you create on your local system.

You can either specify your credentials with the --aws-credential-file parameter every time you issue a command or you can create an environment variable that points to the credential file on your local system. If the environment variable is properly configured, you can omit the --aws-credential-file parameter when you issue a command. The following procedure describes how to create a credential file and a corresponding AWS_CREDENTIAL_FILE environment variable.

To set up security credentials for your CLI

  1. Log in to the AWS security credentials web site.

  2. Retrieve an access key and its corresponding secret key.

    1. Scroll down to the Access Credentials section and select the Access Keys tab.

    2. Locate an active Access Key in the Your Access Keys list.

    3. To display the Secret Access Key, click Show in the Secret Access Key column.

    4. Write down the keys or save them.

    5. If no Access Keys appear in the list, click Create a New Access Key and follow the on-screen prompts.

  3. Add your access key ID and secret access key to the file named credential-file-path.template:

    1. Open the file credential-file-path.template included in your CLI archive.

    2. Copy and paste your access key ID and secret access key into the file.

    3. Rename the file and save it to a convenient location on your computer.

    4. If you are using Linux, set the file permissions as follows: 

      $ chmod 600 credential-file-name

      Note

      On Windows you don't need to change the file permissions.

  4. Set the AWS_CREDENTIAL_FILE environment variable to the fully qualified path of the file you just created.

    The following Linux/UNIX example sets AWS_CREDENTIAL_FILE for myCredentialFile in the /usr/local directory. 

    $ export AWS_CREDENTIAL_FILE=/usr/local/myCredentialFile

    The following Windows example sets AWS_CREDENTIAL_FILE for myCredentialFile.txt in the C:\aws directory. 

    C:\> set AWS_CREDENTIAL_FILE=C:\aws\myCredentialFile.txt 
C:\> setx AWS_CREDENTIAL_FILE C:\aws\myCredentialFile.txt

Step 5: Set the Region

By default, the Amazon CloudWatch tools use the US East (Northern Virginia) Region (us-east-1) with the monitoring.us-east-1.amazonaws.com service endpoint URL. If your instances are in a different region, you must specify the region where your instances reside. For example, if your instances are in Europe, you must specify the EU (Ireland) Region by using the --region eu-west-1 parameter or by setting the AWS_CLOUDWATCH_URL environment variable.

This section describes how to specify a different Region by changing the service endpoint URL.

To specify a different Region

  1. To view available Regions go to Regions and Endpoints in the Amazon Web Services General Reference.

  2. If you want to change the service endpoint, set the AWS_CLOUDWATCH_URL environment variable.

    • The following Linux/UNIX example sets AWS_CLOUDWATCH_URL to the EU (Ireland) Region.

      $ export
	                            	AWS_CLOUDWATCH_URL=https://monitoring.eu-west-1.amazonaws.com

    • The following Windows example sets AWS_CLOUDWATCH_URL to the EU (Ireland) Region.

      C:\> set
	                            	AWS_CLOUDWATCH_URL=https://monitoring.eu-west-1.amazonaws.com
	                             
C:\> setx AWS_CLOUDWATCH_URL
	https://monitoring.eu-west-1.amazonaws.com

Step 6: Test Your Configuration

After you have installed and configured the Amazon CloudWatch CLI, you should test your configuration.

To test your installation and configuration of Amazon CloudWatch

  1. On your workstation, open a new command prompt.

  2. Type the command mon-cmd.

  3. You should see output similar to the following:

    Command Name                       Description                                            
------------                       -----------               
mon-delete-alarms                  Delete alarms.      
mon-describe-alarm-history         Describe alarm history.  
mon-describe-alarms                Describe alarms fully. 
mon-describe-alarms-for-metric     Describe all alarms ... a single metric.
mon-disable-alarm-actions          Disable all actions for a given alarm.
mon-enable-alarm-actions           Enable all actions for a given alarm.
mon-get-stats                      Get metric statistics.        
mon-list-metrics                   List user's metrics.      
mon-put-data                       Put metric data. 
mon-put-metric-alarm               Create new alarm or update existing one.
mon-set-alarm-state                Manually set the state of an alarm.
mon-version                        Prints the version ... tool and the API. 

For help on a specific command, type '<commandname> --help'

This completes your installation and configuration of the CloudWatch CLI.

CLI Example

This section shows some examples of CLI usage.

Note

This section uses CLI for Amazon CloudWatch and Amazon EC2. For more information about the Amazon EC2 CLI, go to Getting Started with the Command Line Tools in the Amazon Elastic Compute Cloud User Guide.

  • Use the EC2 ec2-run-instances command as in the following example.

    PROMPT>ec2-run-instances ami-60a54009 -n 3 --availability-zone us-east-1a

    Note

    If you wanted to automatically monitor all of the EC2 Instances spun up by the preceding command, you would add --monitoring. This lets you skip step 2 in this procedure.

    The command returns a unique identifier for each launched instance. You use the instance ID to manipulate the instance. This includes viewing the status of the instance, terminating the instance, and so on. Launching the instance takes a few minutes.

    RESERVATION r-237fed4a 853279305796 default
INSTANCE i-d9add0b0 ami-60a54009 pending 0 m1.small 2009-05-14T12:38:24+0000 us-east-1a aki-a71cf9ce ari-a51cf9cc monitoring-disabled

  • Use the mon-list-metrics command to get a list of what metrics are being stored for your AWS account. For example:

    PROMPT>mon-list-metrics

    The mon-list-metrics outputs a table containing the Metric name, Namespace, and Dimension associated with each metric. For example:

    CPUUtilization       AWS/EC2  {InstanceId=i-c385b3aa}
CPUUtilization       AWS/EC2  {ImageId=ami-11ca2d78}
CPUUtilization       AWS/EC2  {InstanceType=m1.small}
CPUUtilization       AWS/EC2
DiskReadBytes        AWS/EC2  {ImageId=ami-11ca2d78}
DiskReadBytes        AWS/EC2  {InstanceType=m1.small}
DiskReadBytes        AWS/EC2
DiskReadBytes        AWS/EC2  {InstanceId=i-c385b3aa}
DiskReadOps          AWS/EC2  {InstanceId=i-c385b3aa}
DiskReadOps          AWS/EC2  {InstanceType=m1.small}
DiskReadOps          AWS/EC2
DiskReadOps          AWS/EC2  {ImageId=ami-11ca2d78}
DiskWriteBytes       AWS/EC2  {InstanceId=i-c385b3aa}
DiskWriteBytes       AWS/EC2  {InstanceType=m1.small}
DiskWriteBytes       AWS/EC2  {ImageId=ami-11ca2d78}
DiskWriteBytes       AWS/EC2
DiskWriteOps         AWS/EC2  {InstanceId=i-c385b3aa}
DiskWriteOps         AWS/EC2  {ImageId=ami-11ca2d78}
DiskWriteOps         AWS/EC2  {InstanceType=m1.small}
DiskWriteOps         AWS/EC2
NetworkIn            AWS/EC2
NetworkIn            AWS/EC2  {InstanceId=i-c385b3aa}
NetworkIn            AWS/EC2  {ImageId=ami-11ca2d78}
NetworkIn            AWS/EC2  {InstanceType=m1.small}
NetworkOut           AWS/EC2  {InstanceType=m1.small}
NetworkOut           AWS/EC2
NetworkOut           AWS/EC2  {ImageId=ami-11ca2d78}
NetworkOut           AWS/EC2  {InstanceId=i-c385b3aa}

  • Use the EC2 ec2-monitor-instances command as in the following example.

    PROMPT> ec2-monitor-instances i-43a4412a

    ec2-monitor-instances returns a table that contains the selected instance IDs and the current monitoring state.

    i-43a4412a monitoring-pending

  • Use the Amazon CloudWatch mon-get-stats command as in the following example.

    PROMPT> mon-get-stats CPUUtilization --start-time 2009-05-15T00:00:00 --end-time 2009-05-16T00:00:00 --period 60 --statistics "Average" 
--namespace "AWS/EC2" --dimensions "ImageId=ami-60a54009"

    Amazon CloudWatch returns a response similar to the following (the data has been truncated for brevity):

    2009-05-15 	22:42:00   	0.38   Percent
2009-05-15 	22:48:00   	0.39   Percent
2009-05-15 	22:54:00   	0.38   Percent

    Note

    Amazon CloudWatch returns the data for this function in the following order: date, time, sample, CPUUtilization, and unit.

Query API

Query requests are HTTP or HTTPS requests that use the HTTP verb GET or POST and a Query parameter named Action or Operation. Action is used throughout this documentation, although Operation is supported for backward compatibility with other AWS Query APIs.

Amazon CloudWatch Endpoints

For information about this product's regions and endpoints, go to Regions and Endpoints in the Amazon Web Services General Reference.

Query Parameters

Each Query request must include some common parameters to handle authentication and selection of an action. For more information, see Common Query Parameters in the Amazon CloudWatch API Reference.

Note

Some API operations take lists of parameters. These lists are specified using the following notation: param.member.n. Values of n are integers starting from 1. All lists of parameters must follow this notation, including lists that contain only one parameter. For example, a Query parameter list looks like this:

&attribute.member.1=this
&attribute.member.2=that

The RequestId

In every response from Amazon Web Services (AWS), you will find ResponseMetadata, which contains a string element called RequestId. This is simply a unique identifier that AWS assigns to provide tracking information. Although RequestId is included as part of every response, it will not be listed on the individual API documentation pages to improve readability of the API documentation and to reduce redundancy.

Query API Authentication

You can send Query requests over either HTTP or HTTPS. Regardless of which protocol you use, you must include a signature in every Query request. This section describes how to create the signature. The method described in the following procedure is known as signature version 2.

To create the signature

  1. Create the canonicalized query string that you will need later in this procedure:

    1. Sort the UTF-8 query string components by parameter name with natural byte ordering.

      The parameters can come from the GET URI or from the POST body (when Content-Type is application/x-www-form-urlencoded).

    2. URL-encode the parameter name and values according to the following rules:

      • Do not URL-encode any of the unreserved characters that RFC 3986 defines.

        These unreserved characters are A-Z, a-z, 0-9, hyphen ( - ), underscore ( _ ), period ( . ), and tilde ( ~ ).

      • Percent-encode all other characters with %XY, where X and Y are hex characters 0-9 and uppercase A-F.

      • Percent-encode extended UTF-8 characters in the form %XY%ZA and so on.

      • Percent-encode the space character as %20 (and not +, as common encoding schemes do).

      Note

      Currently, all AWS service parameter names use unreserved characters, so you don't need to encode them. However, you might want to include code to handle parameter names that use reserved characters, for possible future use.

    3. Separate the encoded parameter names from their encoded values with the equals sign ( = ) (ASCII code 61), even if the parameter value is empty.

    4. Separate the name-value pairs with an ampersand ( & ) (ASCII code 38).

  2. Create the string to sign according to the following pseudo-grammar (the "\n" represents an ASCII newline).

    StringToSign = HTTPVerb + "\n" +
ValueOfHostHeaderInLowercase + "\n" +
HTTPRequestURI + "\n" +         
CanonicalizedQueryString <from the preceding step>

    The HTTPRequestURI component is the HTTP absolute path component of the URI up to but not including the query string. If the HTTPRequestURI is empty, use a forward slash ( / ).

  3. Calculate an RFC 2104-compliant HMAC with the string you just created, your Secret Access Key as the key, and SHA256 or SHA1 as the hash algorithm.

    For more information, go to http://www.ietf.org/rfc/rfc2104.txt.

  4. Convert the resulting value to base64.

  5. Use the resulting value as the value of the Signature request parameter.

Important

The final signature you send in the request must be URL-encoded as specified in RFC 3986 (for more information, go to http://www.ietf.org/rfc/rfc3986.txt). If your toolkit URL-encodes your final request, then it handles the required URL-encoding of the signature. If your toolkit doesn't URL-encode the final request, then make sure to URL-encode the signature before you include it in the request. Most importantly, make sure the signature is URL-encoded only once. A common mistake is to URL-encode it manually during signature formation, and then again when the toolkit URL-encodes the entire request.

Query API Examples

Example ListMetrics API Request

This example uses the Amazon CloudWatch ListMetrics action.

http://monitoring.amazonaws.com/?SignatureVersion=2
&Action=ListMetrics
&Version=2010-08-01
&AWSAccessKeyId=<Your AWS Access Key Id>
&SignatureVersion=2
&SignatureMethod=HmacSHA256
&Timestamp=2010-11-17T05%3A13%3A00.000Z

The following is the string to sign.

GET\n
monitoring.amazonaws.com\n
/\n
AWSAccessKeyId=<Your AWS Access Key Id>
&Action=ListMetrics
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2010-11-17T05%3A13%3A00.000Z
&Version=2010-08-01

The following is the signed request.

http://monitoring.amazonaws.com/?Action=ListMetrics
&SignatureVersion=2
&SignatureMethod=HmacSHA256
&Timestamp=2010-11-17T05%3A13%3A00.000Z
&Signature=<URLEncode(Base64Encode(Signature))>
&Version=2010-08-01
&AWSAccessKeyId=<Your AWS Access Key Id>

Example ListMetrics API Request Using NextToken Value

This example uses the Amazon CloudWatch ListMetrics action and the NextToken value to retrieve more than 500 metrics.

  1. Create the string to sign according to the following pseudo-grammar (the "\n" represents an ASCII newline).

    StringToSign = HTTPVerb + "\n" +
ValueOfHostHeaderInLowercase + "\n" +
HTTPRequestURI + "\n" +         
CanonicalizedQueryString <from the preceding step>

    The HTTPRequestURI component is the HTTP absolute path component of the URI up to but not including the query string. If the HTTPRequestURI is empty, use a forward slash ( / ).

  2. Prepare a string to sign, as in the following example:

    GET\n
monitoring.amazonaws.com\n
/\n
AWSAccessKeyId=<Your AWS Access Key Id>
&Action=ListMetrics
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2010-11-17T05%3A13%3A00.000Z
&Version=2010-08-01

    The following are specified in the example:

    Action specifies the action to take (e.g., ListMetrics).

    AWSAccessKeyId specifies the AccessKeyId for your AWS account (replace <Your AWS Access Key ID> with your actual AWSAccessKeyId).

    SignatureVersion specifies the version of the signature (e.g., 2).

    Timestamp2012-09-27T17:06:23.000Z specifies the time stamp of the request (e.g., 09/27/2012, 17:06:23 ).

    Version2010-08-01 specifies the version of the ListMetrics API (e.g., last released on 2010-08-01).

  3. Sign the request URL with the string from the previous step. The following example shows the signed request URL.

    http://monitoring.amazonaws.com?SignatureVersion=2
&Action=ListMetrics
&Version=2010-08-01
&Timestamp=2012-09-27T17%3A14%3A01.000Z
&AWSAccessKeyId=<Your AWS Access Key ID>
&Signature=iE68300Pbl%2BDsKM5mFiOhHWEXAMPLE

    The following are specified in the example:

    Action specifies the action to take (e.g., ListMetrics).

    Version2010-08-01 specifies the version of the ListMetrics API (e.g., last released on 2010-08-01).

    Timestamp2012-09-27T17:06:23.000Z specifies the time stamp of the request (e.g., 09/27/2012, 17:06:23 ).

    AWSAccessKeyId specifies the AccessKeyId for your AWS account (replace <Your AWS Access Key ID> with your actual AWSAccessKeyId).

    Signature specifies the signature for signing the request (e.g., <URLEncode(Base64Encode(Signature))>=iE68300Pbl%2BDsKM5mFiOhHWEXAMPLE).

  4. Copy the signed request URL to your web browser and press Enter to run the request. You should get results similar to the following: 

    <ListMetricsResponse>
    <ListMetricsResult>
        <Metrics>
            <member>
                <Dimensions>
                    <member>
                        <Name>InstanceId</Name>
                        <Value>i-8dea01f0</Value>
                    </member>
                </Dimensions>
                <MetricName>CPUUtilization</MetricName>
                <Namespace>AWS/EC2<Namespace>
            </member>
            <member>
                <Dimensions>
                    <member>
                        <Name>InstanceId</Name>
                        <Value>i-7dee09t3</Value>
                    </member>
                </Dimensions>
                <MetricName>CPUUtilization</MetricName>
                <Namespace>AWS/EC2<Namespace>
            <member>
            </member>
        </Metrics>
        <NextToken>NNNTTT</NextToken>
    </ListMetricsResult>
    <ResponseMetadata>
        <RequestId>8f95da07-08c8-11e2-9cdd-4d93ea583888</RequestId>
    </ResponseMetadata>
</ListMetricsResponse>

  5. From the output in Step 4, save the NextToken value. In this example it is NNNTTT, but it is normally a very long string.

  6. Prepare the string to sign and include the NextTokenNNNTTT value.

  7. Sign the request URL with the string from Step 6. The following example is the signed request URL. It is similar to the signed request URL in Step 3, except that it has the NextTokenNNNTTT value.

    http://monitoring.amazonaws.com?SignatureVersion=2
&Action=ListMetrics
&Version=2010-08-01
&NextToken=NNNTTT
&Timestamp=2012-09-27T17%3A45%3A14.000Z
&AWSAccessKeyId=<Your AWS Access Key ID>
&Signature=iE68300Pbl%2BDsKM5mFiOhHWEXAMPLE

  8. To get the next 500 metrics, copy the signed request URL to your web browser, and press Enter. You can repeat the request with the same parameters and the new NextToken until you have retrieved all of the metrics.


Query API Error Messages

Example Error Message When Using the Wrong AWS Secret Access Key to Calculate the Signature

<ErrorResponse>
    <Error>
        <Type>Sender</Type>
        <Code>SignatureDoesNotMatch</Code>
        <Message>
	        The request signature we calculated does not match the signature you
        	provided. Check your AWS Secret Access Key and signing method. Consult the service
        	documentation for details.
        </Message>
    </Error>
    <RequestId>a9c1a06e-0d80-11e2-ac80-9646d110ca61<RequestId>
</ErrorResponse>

Example Error Message When Using the Wrong AWS AccessKeyID

<ErrorResponse>
    <Error>
        <Type>Sender</Type>
        <Code>InvalidClientTokenId</Code>
        <Message>
            The security token included in the request is invalid
        </Message>
    </Error>
    <RequestId>5134a3b8-0d82-11e2-9b0a-db3eb46b3dbd</RequestId>
</ErrorResponse>

Example Error Message When Providing Incorrect Parameters

The following example shows how to make a request with the MetricName parameter "TestMetric".

The signed URL looks like this:

http://monitoring.amazonaws.com?SignatureVersion=2
&Action=ListMetrics
&Version=2010-08-01
&MetricName=TestMetric
&Timestamp=2012-09-27T17%3A14%3A01.000Z
&AWSAccessKeyId=<Your AWS Access Key ID>
&Signature=iE68300Pbl%2BDsKM5mFiOhHWEXAMPLE

When you try to retrieve more metrics with the NextToken, you have to provide the same parameters as in the previous request. If you provide the wrong parameters, provide more parameters, or provide fewer parameters (assume that the NextToken is correct), you will get the following error:

<ErrorResponse>
    <Error>
        <Type>Sender</Type>
        <Code>InvalidParameterValue</Code>
        <Message>Invalid nextToken</Message>
    </Error>
    <RequestId>cb1c4191-0e5d-11e2-9c15-6f306828daaa<RequestId>
</ErrorResponse>

Available Libraries

AWS provides libraries, sample code, tutorials, and other resources for software developers who prefer to build applications using language-specific APIs instead of the command-line tools and Query. These libraries provide basic functions (not included in the APIs), such as request authentication, request retries, and error handling so that it is easier to get started. Libraries and resources are available for the following languages and platforms:

For libraries and sample code in all languages, go to Sample Code & Libraries.

Document Conventions« PreviousNext »
Terms of UseDid this page help you?  Yes | No |  Tell us about it...