AWS has expanded Amazon CloudWatch to unify log management across operational and security use cases. By integrating native OCSF normalization and Apache Iceberg-compatible storage via S3 Tables, the

InfoQ is a leading online platform for software developers, architects, and technical leaders, providing news, articles, presentations, and interviews on a wide range of topics, including agile practices, DevOps, microservices, and emerging technologies. With a focus on quality content and expert insights, InfoQ helps professionals stay informed about the latest trends, best practices, and industry developments. Developers can learn from real-world experiences, gain  knowledge, and connect with peers in the global software community through InfoQ's diverse and engaging content.

InfoQ

AWS has transformed CloudWatch into a unified observability platform that consolidates operational, security, and compliance logs across multi-account environments. The update introduces Apache Iceberg-compatible access through S3 Tables, enabling in-place querying without ETL pipelines, and native support for OCSF and OpenTelemetry standards. CloudWatch now aggregates logs from AWS services and third-party sources like CrowdStrike and Okta, offering natural language queries and multiple query languages through a single interface. While this positions CloudWatch as a potential alternative to Splunk and Datadog for AWS-centric organizations with lower costs, critics note it primarily replicates existing capabilities with tighter AWS ecosystem integration.

AWS CloudWatch Evolves into Unified Observability Platform with Apache Iceberg Support