I have created an API Gateway in AWS with two resources (endpoints). Let's say /foo and /bar. Each endpoint has a POST method.
I want to monitor how many times each endpoint got invoked - /foo and /bar in our example. And the metrics to show the 2xx, 4xx, and 5xx responses.
I know API Gateway got a generic "API Calls" metric that shows the total invocations of the API. But how do I monitor how many times each endpoint got called?
You can filter API Gateway metrics for the API method with the specified API name, stage, resource, and method.
API Gateway will not send these metrics unless you have explicitly enabled detailed CloudWatch metrics. You can do this in the console by selecting Enable Detailed CloudWatch Metrics under a stage Logs/Tracing tab. Alternatively, you can call the update-stage AWS CLI command to update the metricsEnabled property to true.
Enable Detailed CloudWatch Metrics on AWS Console:
Documentation:
https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-metrics-and-dimensions.html#api-gateway-metricdimensions
Related
We have an API Gateway setup with a MockIntegration method. Our deployed stage also has detailed metrics enabled and we can see the following metrics in Cloudwatch:
Count
Latency
5xx errors
4xx errors
However, according to this documentation, API Gateway should also be reporting IntegrationLatency. This metric is missing in Cloudwatch.
Does MockIntegration not support IntegrationLatency? When we eventually move to an actual backend integration, will the metric appear in Cloudwatch?
Currently, my API gateway execution logs are getting logged in cloud-watch in some random path of a particular format. Is there a way for me to customize that log path in SAM Template while deploying the API gateway ??
No, as of April 2021, execution logs are fully managed by AWS API Gateway and the log group name will be in form of API-Gateway-Execution-Logs_{rest-api-id}/{stage_name} and the format is pre-defined.
On a different note: You can define the CloudWatch target ARN and format of access logs though if you have this enabled but this is a different set of logs.
If you are using SAM, you can explicitly define your API using the AWS::Serverless::Api resource type. This type as a property called AccessLogSetting that allows you to provide the ARN of a CloudWatch group to send the the access logs to.
Also check out this guide which doesn't go into SAM automation but explains API Gateway logging configurations and what is possible, a good read.
https://www.alexdebrie.com/posts/api-gateway-access-logs/
I am unable to figure out the difference what does enable detailed cloud watch metrics does in aws - api gateway - logs/traces
Detailed CloudWatch metrics for API Gateway will include individual metric data to breakdown each resource/method combination too.
With this enabled you can visualise performance for specific requests such as a /search request latency, or alarm if you return 5XX errors for your /book request.
By default CloudWatch metrics are limited to API and stage.
Enabling this has no effect on logs/traces.
We're working with AWS and wish to log all incoming http requests from our API Gateway to the EC2 box in their entirety (i.e. not truncated at 1024 bytes). As we know the logging for API Gateway is not configurable our next thought was to place a lambda between the api gateway and EC2 which would intercept the requests, log them to S3, and then forward the request to EC2.
My question is two fold:
How does one submit an API Gateway 'event' to an EC2 instance manually? I've gone over the boto3 documentation and there doesn't seem to be a good way to do this out of the box.
Is this a logical way to log requests in their entirety, or are we missing a built in connector between lambda -> ec2 or request logging in general?
def lambda_handler(event, context):
#pass event to the ec2
#log event (done)
#return response
You can enable CloudWatch logging for API gateway. By enabling you can find the logs for your requests in the cloud watch.
Create an IAM role that gives permissions for the API gateway to write logs to cloud watch
set the IAM role to your API
set the desired log levels INFO/ERROR
you can also choose to log the full request/responses
To enable access logs, you also need to create a log group and provide the arn.
The detailed steps can be found in the reference below.
Hope this helps.
Reference:
https://aws.amazon.com/premiumsupport/knowledge-center/api-gateway-cloudwatch-logs/
I want to trigger an AWS lambda function upon the creation/modification of an API in AWS API gateway. Any idea what are the right events to catch?
As noted, API Gateway does not generate events directly. Additionally, it does not appear that you can configure an event rule based on CloudTrail logs for API Gateway either. I'll make sure to forward your request to the CloudWatch Events team as a feature request.
Since there is no event rule of AWS APIGateway in AWS CloudWatch and it does not appear log in AWS CloudTrail, so we can not achieve it now.