Monitoring & Alerts with Amazon CloudWatch
Amazon CloudWatch
When the Lambda audit logs messages containing the keyword “Error”, CloudWatch will automatically count them, and if the threshold is exceeded, it will automatically send alerts via email/Slack.
- Create Metric Filter
-
Go to CloudWatch Logs
- AWS Console → CloudWatch → on the left select Logs → Log groups.
- AWS Console → CloudWatch → on the left select Logs → Log groups.
-
Select the log group for Lambda audit
- Click on
/aws/lambda/AuditLoggerDemo.
- Click on
-
Create metric filter
- Open the Metric filters tab → click Create metric filter.
- In the Filter pattern box -> enter
ERROR.
- Set name & configure metric
- Filter name:
AuditErrorFilter - Metric namespace:
AuditDemo - Metric name:
ErrorCount - Metric value: 1
- Click Next → Create filter.
- Filter name:
- Create Alarm
- Go to CloudWatch Alarms
- AWS Console → Services → CloudWatch → Alarms → All alarms → Create alarm.
- Select metric: choose the metric named
AuditErrorFilter.
- Configuration:
- Statistic: Sum
- Period: 5 minutes
- Threshold type: Static
- Whenever ErrorCount >= 5
- For: 1 consecutive period
- Click Next.
- Alarm Name:
- Alarm name:
HighErrorAuditAlert - Description: …
- Click Next.
- Alarm name:
- Configure actions:
- Send notification to:
- Topic name:
AuditAlertsTopic - Display name:
Audit Alerts - Subscription protocol:
tranleminhhieu.it@gmail.com(Gmail). - Click Next -> Create alarm.
- Test the Alarm
- Observe the status: when an error is triggered in Lambda, it will change from OK to In alarm.
- Check your email to receive the notification.
