Monitor OpenSearch Status On EC2 with CloudWatch Alarm

Sometimes we want to know right away whether our OpenSearch is running or not. It could be troublesome to execute commands such as  systemctl status opensearch  every time to check OpenSearch status. With the help of AWS CloudWatch, we can monitor and send an alarm notification to inform us the status of OpenSearch running on our EC2 instance.


  1. AWS CLI must be installed on your EC2 instance server.
    You can install AWS CLI with the following command if you haven’t already. For more information click here.
  2. IAM role with the permission of ‘CloudWatchAgentServer’ must be attached to your EC2 instance running OpenSearch.
  3. OpenSeach is installed on your EC2 instance server.


Prepare Scripts on EC2 Instance Server

Step 1
Login to the server running OpenSearch and create a new folder.

Step 2
Navigate to folder.

Step 3
Create 3 files: instance-id,,
These files will contain the scripts to send necessary information of OpenSearch status to CloudWatch.

Step 4

Make the .sh files executable.

Step 5

Edit file with vim or any editors.

Add the following code as it is and save.

The 169.254. 169.254 IP address is a “magic” IP in the cloud world, in AWS it used to retrieve user data and instance metadata specific to a instance.
In this case, the code will curl the instance id of our OpenSearch server.

Step 6

With the help of cron, the file will be run and the instance id will be added to instance-id file – which later will be used by opensearch-monitor file.
To do so open cron table.

Let cron run this script everytime the EC2 instance reboots. Add the following command and save.

Step 7

Edit file

Step 8

Add this scripts to file.

Option 1

・ file exists only when OpenSearch is active or running.
・The checkOpenSearchStatus  function verifies whether OpenSearch is running by checking the existence of the file.
・When this file is run it will create new metric and namespace in CloudWatch and send the value of 0 if OpenSearch status is active (running) and 1 if OpenSearch status is inactive (dead).

Option 2

・If somehow .pid file doesn’t exist, you can use the following function as a workaround.
・The checkOpenSearchStatus  function will run a commands to check if OpenSearch is in active state.

Step 9
With the help of cron, we can run this script every one minute.
Let’s open cron table again.

Add the following line below to run every one minute.

Racap: now your crontab should look something like this.

PATH="/usr/local/bin:/usr/bin:/bin"  is to help cron know which command to use.
This line is optional if cron run your file as expected.

Step 10

Restart EC2 instance server.
If it’s not possible to restart your instance you can run this command manually.
/bin/bash /bashcripts/ > /bashcripts/instance-id

Step 11

Let’s check if our cron working correctly.
Go to /bashcripts, view the instance id file.

It should outputs the instance id like the following.

View CloudWatch Metrics

Step 12
On AWS console go to CloudWatch. Click on ‘All metrics’ and the opensearch_status should be appear under custom namespaces.

Step 13
Click opensearch_status, click InstanceId, tick your instance.

Step 14
Click ‘Graphed metrics’ tab. Set the following parameters.

Static: Maximum
Period: 1 minute

Try to stop and start OpenSearch with the following commands.

Your ‘Graphed metrics’ should look like this.
Note that it may take up to 5 minutes for CloudWatch to display the updated metrics, so the graph might not appear immediately.

Create and Setup Alarm to Monitor OpenSearch Status

Step 15
Create an SNS topic.

Step 16
This time, I chose email protocol to send notifications, however feel free to chose any protocol according to your needs.
Check your email inbox and don’t forget to confirm your subscription.

Step 17
Let’s create an alarm. Go to CloudWatch, click Alarm > All alarms > Create Alarm.
You should see this setting page. Then c
lick Select metric > opensearch_status > InstanceId > (your instance) .

Step 18
For metric, set as following. 

Statistic: Maximum
Period: 1 minute

For conditions, set as the following.

Step 19
Notification settings.
This will send notification to the SNS topic we created earlier when in alarm state is triggered.

It’s recommended to also set notification when alarm is back to OK state. To do so click ‘Add notification’ and set like the following.

Step 20
Set your alarm name and description. Note the Alarm name can’t be change after creation. To change alarm name you must delete the alarm and create the new one.

Click next, preview and create alarm.
The alarm will be created and will trigger if the OpenSearch service fails.


With the help of CloudWatch and cron, we can monitor our OpeSearch status running on EC2 instance and automate sending notification when the service fails.
Althought this article is specifically for OpenSearch, this method is also applicable for any other processor monitoring.

いいね ! しよう

Twitter で
The following two tabs change content below.
Esar Suwandi
Software engineer based in Tokyo focused on Web Development. 4x AWS Certified: CLF, SAA, SAP, DOP. Let's build something awesome! ― Web開発に特化したソフトウェアエンジニアです。 4x AWS認定者です。素晴らしいものを作りましょう!