Lambda函数如何丰富CloudWatch日志警报并添加自定义维度

时间:2019-04-09 10:22:46

标签: python amazon-web-services lambda amazon-cloudwatch

我正在努力设置Lambda以丰富来自CloudWatch日志的警报。其背后的想法是要有一个Cloudwatch日志警报(来自EC2实例),它会触发SNS,该SNS会触发Lambda,从而通过自定义维度,实例ID,主机名或其他自定义信息(例如标签或其他内容)丰富Cloudwatch日志警报将其作为SNS警报发送到第三方票务应用。我的逻辑在这里可能是完全错误的,但是如果我只是为了我的学习而无所事事,我仍然想这样做。

Lambda应该使用JSON格式的Python和SNS消息(是的,我在python模块上没有足够的经验让aws不能正常工作,我可以发送一些json消息但不能自定义它)

==============

我基本上想实现触发几个SNS的CloudWatch日志警报(来自多个EC2实例),该SNS触发一个Lambda,该Lambda将JSON中的警报消息丰富并发送出去

我已经设置了工作流程并且可以发送消息,但是我在Lambda的python代码方面苦苦挣扎,并且现在让自己困惑于变量等等……

流程如下:

CloudWatch日志警报触发SNS主题,该主题触发Lambda,该Lambda丰富该警报并将其发送到另一个SNS主题

原因是我不希望将数十个日志流流传输到Lambda中来丰富日志,我只希望警报触发轻量级Lambda来丰富/自定义来自CloudWatch日志的警报

==============

我知道这不起作用... 


import json
import boto3

def lambda_handler(event, context):

client = boto3.client('sns')    
var SnsMessage = event.Records[0].Sns.Message  <- my failing attempt at creating a variable from the SNS message that triggered the Lambda   
Message = ['SnsMessage']   
response = client.publish(      
TargetArn='arn:aws:sns:eu-central-1:1234567890-whatever',      
Subject='log alert',      
Message=json.dumps({'default': json.dumps(message)}), 
MessageStructure='json'

)

==============

传入/触发警报如下:


Alarm Details:
- Name:                       my_test_alarm
- Description:                test log and dimensions
- State Change:               OK -> ALARM
- Reason for State Change:    Threshold Crossed: no datapoints were received for 1 period and 1 missing datapoint was treated as [Breaching].
- Timestamp:                  Tuesday 09 April, 2019 09:47:54 UTC
- AWS Account:                1234567890

Threshold:
- The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 0.0 for 300 seconds. 

Monitored Metric:
- MetricNamespace:                     MyNamespace
- MetricName:                          log_test
- Dimensions:                          
- Period:                              300 seconds
- Statistic:                           Sum
- Unit:                                not specified
- TreatMissingData:                    Breaching

来自Lambda的预期警报应如下所示:


Alarm Details:
- Name:                       my_test_alarm
- Description:                test log and dimensions
- State Change:               OK -> ALARM
- Reason for State Change:    Threshold Crossed: no datapoints were received for 1 period and 1 missing datapoint was treated as [Breaching].
- Timestamp:                  Tuesday 09 April, 2019 09:47:54 UTC
- AWS Account:                1234567890

Threshold:
- The alarm is in the ALARM state when the metric is GreaterThanOrEqualToThreshold 0.0 for 300 seconds. 

Monitored Metric:
- MetricNamespace:                     MyNamespace
- MetricName:                          log_test
- Dimensions:                          InstanceId i-abcdefghijkl Tag Application Department Billing
- Period:                              300 seconds
- Statistic:                           Sum
- Unit:                                not specified
- TreatMissingData:                    Breaching

一旦我了解了它在Python / Lambda中的工作原理,我将进一步扩展并为JSON输出警报,消息属性等添加更多自定义,暂时,我只需要自定义“消息”。感谢您的帮助或想法

0 个答案:

没有答案
相关问题
最新问题