SQS Monitoring

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we have discussed how to configure encryption in SQS.

https://cloudaffaire.com/how-to-configure-encryption-in-sqs/

In this blog post, we will discuss SQS queue monitoring.

SQS Monitoring:

When you create an SQS queue, AWS by default enables CloudWatch and CloudTrail monitoring for your queue.

CloudWatch Monitoring:

AWS SQS and AWS CloudWatch are integrated so you can use CloudWatch to view and analyze metrics for your AWS SQS queues. CloudWatch metrics for your AWS SQS queues are automatically collected and pushed to CloudWatch every five minutes.

Note: Detailed monitoring (or one-minute metrics) is currently unavailable for AWS SQS.

CloudWatch Metrics for SQS:

• ApproximateAgeOfOldestMessage (Units: Seconds): The approximate age of the oldest non-deleted message in the queue.
• ApproximateNumberOfMessagesDelayed (Units: Count): The number of messages in the queue that are delayed and not available for reading immediately.
• ApproximateNumberOfMessagesNotVisible (Units: Count): The number of messages that are in flight.
• ApproximateNumberOfMessagesVisible (Units: Count): The number of messages available for retrieval from the queue.
• NumberOfEmptyReceives (Units: Count): The number of ReceiveMessage API calls that did not return a message.
• NumberOfMessagesDeleted (Units: Count): The number of messages deleted from the queue.
• NumberOfMessagesReceived (Units: Count): The number of messages returned by calls to the ReceiveMessage action.
• NumberOfMessagesSent (Units: Count): The number of messages added to a queue.
• SentMessageSize (Units: Bytes): The size of messages added to a queue.

Note: For standard queues, the result is approximate and for FIFO queues, the result is exact.

CloudTrail Monitoring:

AWS SQS is integrated with AWS CloudTrail, a service that provides a record of the AWS SQS calls that a user, role, or AWS service makes. CloudTrail captures API calls related to AWS SQS queues as events, including calls from the AWS SQS console and code calls from AWS SQS APIs.

CloudTrail supports logging the following actions:

• AddPermission: When you add a permission to a queue for a specific principal.
• CreateQueue: When you create a new queue.
• DeleteQueue: When you delete a queue.
• PurgeQueue: When you delete the messages from a queue.
• RemovePermission: When you revoke any permissions in the queue policy.
• SetQueueAttributes: When you set the value of one or more queue attributes.

Next, we are going to view CloudWatch and CloudTrail monitoring for SQS queue through AWS console.

Step 1: Login to AWS console and navigate to ‘SQS’.

Step 2: Select your queue that you want to monitor and navigate to ‘Monitoring’ tab. Click on the metrics that you want to view.

Next, we are going to view CloudTrail logs for our SQS queue.

Step 3: From ‘Services’ navigate to ‘CloudTrail’.

Step 4: Click ‘View all events’ to list all events.

Step 5: Select ‘Event source’ as ‘sqs.amazonaws.com’ in ‘Filter’ and click on any one event that you want to view.

You can view details like IP address, event-type and time. Click ‘View event’ to get additional details.

Hope you have enjoyed this article. In the next blog post, we will discuss Standard Vs FIFO queue in SQS.

To get more details on AWS SQS, please refer below AWS documentation

https://docs.aws.amazon.com/sqs/index.html