Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
3.2.2.8. Configuring AWS X-Ray for Different Services (Containers, API Gateway, Lambda)
3.2.2.8. Comparative Table: Monitoring Tools
| Tool | Primary Purpose | Data Source | Query Capability | Cost Model |
|---|---|---|---|---|
| CloudWatch Metrics | Time-series monitoring & alarms | AWS services, custom metrics | Metric math, anomaly detection | Per-metric, per-alarm |
| CloudWatch Logs | Log aggregation & search | Applications, AWS services | Logs Insights (SQL-like) | Per-GB ingested + stored |
| CloudWatch Synthetics | Proactive endpoint monitoring | Canary scripts you define | Pass/fail + screenshots | Per-canary run |
| AWS X-Ray | Distributed tracing | Instrumented applications | Service map, trace analysis | Per-trace recorded |
| CloudTrail | API audit logging | All AWS API calls | Athena, CloudTrail Lake | Per-event (data events) |
| AWS Config | Configuration compliance | Resource configurations | Config queries (SQL) | Per-rule evaluation |
| Amazon Inspector | Vulnerability scanning | EC2, ECR, Lambda | Findings API, Security Hub | Per-scan |
| Security Hub | Security finding aggregation | GuardDuty, Inspector, Config | Findings dashboard | Per-finding |
| Amazon GuardDuty | Threat detection | CloudTrail, VPC Flow, DNS | Findings API | Per-GB analyzed |
Selection guide for exam scenarios:
- "Track API calls for security" → CloudTrail
- "Monitor application performance" → CloudWatch Metrics + X-Ray
- "Detect unusual API patterns" → CloudTrail Insights or GuardDuty
- "Check resource compliance" → AWS Config
- "Find vulnerabilities in containers" → Amazon Inspector
- "Aggregate all security findings" → Security Hub
Exam Trap: GuardDuty and CloudTrail Insights both detect unusual API activity — but they serve different purposes. GuardDuty uses ML to detect threats (compromised credentials, cryptocurrency mining, data exfiltration). CloudTrail Insights detects anomalous call volumes (sudden spike in DeleteBucket calls). For security threats, GuardDuty is the answer. For operational anomalies, CloudTrail Insights is the answer.

Written byAlvin Varughese•Founder•15 professional certifications