I want to troubleshoot an Amazon CloudWatch metric stream that doesn’t forward metrics to the destination.
Resolution
Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.
To troubleshoot a CloudWatch metric stream that doesn't forward metrics to the destination, check the following:
- Check whether the metric stream status is Running. If the status is Running, then there might not be any data streamed to the destination because of filter streams. Use the CloudWatch console or GetMetricStream API to check all the filters that are present in metric streams. Make sure that you check IncludeFilters and ExcludeFilters to identify what metrics are streamed.
- Check whether the metric stream status is Stopped. If the status is Stopped, then this indicates that the stream was stopped by a user and not because of an error. It's a best practice to stop your stream to temporarily pause the data stream and not delete the stream. Use the CloudWatch console, AWS CLI, or the StopMetricStreams API to perform a stop action.
Note: If you stop and restart a metric stream, then the metric data that was published to CloudWatch isn't backfilled to the metric stream.
- Check whether the metrics were published more than two days in the past. Metrics published more than two days in the past aren't streamed. To check whether a metric is streamed, graph the metric in the CloudWatch console and check how old the last data point is.
- Check the metrics that are forwarded by the metric stream to CloudWatch. In the CloudWatch console, under Metrics, view the AWS/CloudWatch/MetricStreams namespace for PublishErrorRate metrics. If the PublishErrorRate metric is high, then check that the destination for the Amazon Data Firehose delivery stream exists.
- Check the AWS Identity and Access Management (IAM) role specified in the metric stream's configuration. Make sure that the role grants the CloudWatch service principal permissions to write to the final destination. Also, make sure that the necessary trust relationship policy between the CloudWatch metric stream and Firehose exists.
- Check whether the Firehose delivery stream receives data. In the Firehose console, view the Firehose delivery stream that's used and check the IncomingBytes and IncomingRecord metric under the Monitoring tab.
- Check that the destination settings for your Firehose delivery stream are correctly configured. You can also use the final destination logs and metrics that the delivery stream writes to.
- Turn on Amazon CloudWatch Logs error logging on the Firehose delivery stream to get more detailed information on errors.