• Create IAM role with CloudWatchLogsFullAccess and attach to EC2 instance profile.
• Install aws-cloudwatch-logger package via Composer and publish config.
• Add CloudWatch channel to config/logging.php (group=/laravel/prod, stream=app).
• Configure monolog formatter to include request_id, user_id, memory_peak.
• Create metric filter ERROR → namespace Laravel/Prod, metric ErrorCount.
• Create metric filter 404 → metric NotFoundCount.
• Add CloudWatch alarm ErrorCount > 10 in 5 min → SNS → Slack #ops.
• Set 14-day retention on log group and export to S3 (parquet) for Athena.
• Provide 1-page guide for adding custom metrics later.

Deliverables:

• IAM role JSON, config/logging.php patch, .env example.
• CloudWatch dashboard JSON (error rate, 404 count, memory peak).
• Slack screenshot showing alert.
• CSV export sample from Athena.

Business value:

Support team sees real-time errors in Slack; developers query logs via CloudWatch Insights without SSH; audit team gets 14-day retained logs for compliance.

Why choose me (MidLevel):

• AWS Cloud Practitioner certified; 30+ CloudWatch integrations.
• Average response <2 h; 7-day free support if alarms misfire.
• Give you Terraform code if you want to replicate in staging.