AWS CloudTrail vs CloudWatch
CloudTrail
CloudTrail is an AWS management service used to audit and analyze activity in an AWS account. It records operational actions, including login and logout details for root and IAM users, and actions performed through the command line interface (CLI), SDKs, and APIs by IAM users, roles, and root users. You can use CloudTrail logs to troubleshoot operational or security issues in your AWS account. CloudTrail event logs are stored in an S3 bucket, and AWS CloudTrail allows you to customize which S3 buckets store the logs. Logs from a customized trail configuration are stored in the specified bucket, and it supports various customized CloudTrail services. You can view the last 90 days of event history in the AWS console.
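As an added example (not part of the original page), the following Python sketch audits a CloudTrail log file for root-user activity and failed console logins. The sample records are constructed, and the names `audit`, `_rec` and `SAMPLE_LOG` are illustrative; the field names follow the CloudTrail record format.

```python
import json
from collections import Counter

# Constructed sample in the layout of a CloudTrail log file: {"Records": [...]}.
# User names, the account ID and IP addresses are made up for illustration.
def _rec(time, source, name, ip, identity, response):
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "sourceIPAddress": ip, "userIdentity": identity,
            "responseElements": response}

ALICE = {"type": "IAMUser", "userName": "alice"}
ROLE = {"type": "AssumedRole",
        "arn": "arn:aws:sts::111122223333:assumed-role/deploy/ci"}
SAMPLE_LOG = json.dumps({"Records": [
    _rec("2024-01-10T08:00:01Z", "signin.amazonaws.com", "ConsoleLogin",
         "198.51.100.7", ALICE, {"ConsoleLogin": "Failure"}),
    _rec("2024-01-10T08:00:09Z", "signin.amazonaws.com", "ConsoleLogin",
         "198.51.100.7", ALICE, {"ConsoleLogin": "Failure"}),
    _rec("2024-01-10T08:01:30Z", "signin.amazonaws.com", "ConsoleLogin",
         "198.51.100.7", ALICE, {"ConsoleLogin": "Success"}),
    _rec("2024-01-10T09:15:00Z", "signin.amazonaws.com", "ConsoleLogin",
         "203.0.113.20", {"type": "Root"}, {"ConsoleLogin": "Success"}),
    _rec("2024-01-10T09:16:42Z", "iam.amazonaws.com", "CreateAccessKey",
         "203.0.113.20", {"type": "Root"}, {"accessKey": {"status": "Active"}}),
    _rec("2024-01-10T09:20:00Z", "ec2.amazonaws.com", "DescribeInstances",
         "192.0.2.44", ROLE, None),  # responseElements may be null
]})

def audit(log_text):
    """Return (root_events, failed_logins, events_per_identity)."""
    root_events, failed_logins, per_identity = [], [], Counter()
    for rec in json.loads(log_text).get("Records", []):
        ident = rec.get("userIdentity") or {}
        is_root = ident.get("type") == "Root"
        # Label root explicitly; role sessions have no userName, so use the ARN.
        who = "root" if is_root else (ident.get("userName") or ident.get("arn")
                                      or ident.get("type", "unknown"))
        per_identity[who] += 1
        row = (rec.get("eventTime"), who, rec.get("eventName"),
               rec.get("sourceIPAddress"))
        if is_root:
            root_events.append(row)
        outcome = (rec.get("responseElements") or {}).get("ConsoleLogin")
        if rec.get("eventName") == "ConsoleLogin" and outcome == "Failure":
            failed_logins.append(row)
    return root_events, failed_logins, per_identity

if __name__ == "__main__":
    roots, failures, counts = audit(SAMPLE_LOG)
    print("root activity:", roots)
    print("failed console logins:", failures)
    print("events per identity:", dict(counts))
```

Log files delivered to S3 are gzip-compressed, so decompress an object before passing its text to `audit`.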
CloudWatch
CloudWatch is also an AWS management service. It monitors AWS resources such as EC2 instances, DynamoDB tables, and RDS instances, along with instance health checks and running applications, in real time, based on AWS metrics. Users can access logs from EC2, AWS CloudTrail, and Route 53 to analyze and troubleshoot issues. CloudWatch can be used to track metrics for defined variables to measure resources and applications. It sends notifications to registered email recipients if a configured metric value reaches its threshold.
CloudWatch Metrics
AWS provides a total of 247 metrics to monitor services such as EC2, EBS, S3, SNS, and Trusted Advisor. However, the service metrics and their count vary by region.
Alarm
A CloudWatch alarm lets you closely monitor each metric and performs one or more actions based on the configured thresholds. It performs automatic actions on behalf of the user if the configured alarm threshold is breached. CloudWatch alarms are limited to 500 per region per account. An alarm sends email notifications to the specified recipients using Simple Notification Service (SNS). A CloudWatch alarm can also be used to monitor estimated billing charges and push notifications if usage exceeds the defined threshold.