
AWS used its recent re:Invent 2025 conference and exhibition to expand Amazon CloudWatch. The service now has deeper and more unified capabilities to manage log data across operational, security and compliance use cases.
Not defined as an observability tool per se (although it looks rather like one), Amazon CloudWatch is usually referred to as a “monitoring service” designed to provide operational performance metrics based on log file monitoring for AWS resources.
Capable of monitoring both infrastructure resources and the applications that run on them, Amazon CloudWatch is known for its ability to set alarms that trigger automatic actions, such as sending email notifications or scaling resources when specific operational conditions or thresholds (such as CPU usage) are met.
Dodging Data Duplication
AWS says that the unification of Amazon CloudWatch across a wider set of use cases reduces data duplication, which in turn reduces costs. So, how does it do this?
New enhancements to this technology’s operational fabric mean it can automatically normalize and process data to offer consistency across sources, with built-in support for Open Cybersecurity Schema Framework (OCSF) and OpenTelemetry (OTel) formats.
The CloudWatch team has also introduced Apache Iceberg-compatible access to data through Amazon Simple Storage Service (Amazon S3) Tables. This means cloud engineers can run analytics locally and also use Amazon Athena (a serverless analytics service from AWS), the Amazon SageMaker Unified Studio data and AI development environment, or any other Iceberg-compatible tool.
Why Iceberg is Hot
Why does this latest extension of this toolset matter in relation to Apache Iceberg as a currently (pardon the term) hot technology?
Because Iceberg has been in the ascendancy in 2025 after Databricks acquired Tabular (a company founded by Iceberg’s original creators) last year, a move that was regarded as a reasonable endorsement. Snowflake has also aligned itself with the Apache Iceberg open table format in addition to its own native data table formats. Well-known brands including Apple, Netflix and Tencent have embraced Iceberg in their production environments too, all of which has helped legitimize Iceberg as a cross-platform standard.
AWS says that cloud engineers can also now correlate operational data in CloudWatch with other business data from “preferred tools”. This unified approach is intended to streamline management and provide correlation across the aforementioned span of security, operational and business use cases.
While AWS has not specified the type of business use cases it alludes to here, or the preferred tools that the business function might wish to align with… we can reasonably suggest that we might be in the realm of ERP tools, CRM functions or perhaps even HCM, especially if agentic “workers” are now classed as a human resource function.
Ever-present AWS platform blogger Channy Yun (윤석찬) has explained that integrated search in CloudWatch is now particularly valuable for security monitoring, incident investigation and suspicious behavior detection. Users can see whether an IP address that is making network connections is also performing sensitive AWS operations, such as creating users, modifying security groups, or accessing data.
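The correlation described above, sketched as an added example (not AWS code and not from the original article): it joins network records with API activity on source IP, assuming the network data is VPC Flow Logs in the default version 2 format and the API activity is CloudTrail events. The sample records are constructed, and the SENSITIVE watch list and function names are illustrative assumptions.

```python
import json
from collections import defaultdict

# Assumed watch list, taken from the operations the article names:
# creating users, modifying security groups, accessing data.
SENSITIVE = {"CreateUser", "AuthorizeSecurityGroupIngress", "GetObject"}

# Constructed samples (documentation IP ranges), not real logs.
# VPC Flow Logs, default version 2 format.
FLOW_LOGS = """\
2 123456789012 eni-0a1b2c3d 203.0.113.50 10.0.1.15 44321 22 6 12 840 1764600000 1764600060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.50 10.0.1.15 44400 443 6 9 610 1764600005 1764600065 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.15 51000 443 6 8 560 1764600010 1764600070 ACCEPT OK
2 123456789012 eni-0a1b2c3d 192.0.2.99 10.0.1.15 40000 3389 6 1 40 1764600020 1764600080 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1764600030 1764600090 - NODATA
"""
CLOUDTRAIL = """\
{"eventName": "CreateUser", "sourceIPAddress": "203.0.113.50"}
{"eventName": "AuthorizeSecurityGroupIngress", "sourceIPAddress": "203.0.113.50"}
{"eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.7"}
{"eventName": "GetObject", "sourceIPAddress": "192.0.2.99"}
{"eventName": "CreateUser", "sourceIPAddress": "cloudformation.amazonaws.com"}
"""

def accepted_sources(flow_text):
    """Map each source IP to the destination ports it reached (ACCEPT only)."""
    ports = defaultdict(set)
    for line in flow_text.splitlines():
        f = line.split()
        # Skip malformed lines and NODATA/SKIPDATA records, whose fields are "-".
        if len(f) != 14 or f[0] != "2" or f[13] != "OK":
            continue
        if f[12] == "ACCEPT":
            ports[f[3]].add(int(f[6]))
    return ports

def correlate(flow_text, trail_text):
    """Return {ip: {"ports": [...], "events": [...]}} for IPs seen in both sources."""
    ports = accepted_sources(flow_text)
    hits = {}
    for line in filter(str.strip, trail_text.splitlines()):
        ev = json.loads(line)
        ip, name = ev.get("sourceIPAddress"), ev.get("eventName")
        # sourceIPAddress may be an AWS service name; those never match a flow IP.
        if name in SENSITIVE and ip in ports:
            hit = hits.setdefault(ip, {"ports": sorted(ports[ip]), "events": []})
            hit["events"].append(name)
    return hits

if __name__ == "__main__":
    print(json.dumps(correlate(FLOW_LOGS, CLOUDTRAIL), indent=2))
```

Only the address that both reached the network interface and made watched API calls is reported; the rejected connection, the non-sensitive call and the service-originated call are all excluded.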
Unravelling Complex ETL Pipelines
“CloudWatch consolidates log management into a single service with built-in governance capabilities without storing and maintaining multiple copies of the same data across different tools and data stores. The unified data store of CloudWatch eliminates the need for complex ETL pipelines and reduces your operational costs and management overhead needed to maintain multiple separate data stores and tools,” said Yun.
He says that cloud engineers can run queries in CloudWatch using natural language queries and popular query languages such as LogsQL, PPL, and SQL through a single interface, or query their data using any preferred analytics tools through Apache Iceberg-compatible tables.
The new log management features of Amazon CloudWatch are available in all AWS Regions except the AWS GovCloud (US) Regions and China Regions.

