I can see that in AWS alerting works with SNS where protocols are available as Email, https and SMS...Basically push mechanisms..
Is it possible to make these alerts pull-based? any ideas around how this could be tried?
You would need to create a solution for this, natively when an alert triggers it can be configured to go to either an SNS topic which has 1 or more subscriptions to notify.
Instead you would need to use the describe-alarms function to retrieve a list of alarms, this can be narrowed down to alarming only by using the --state-value parameter such as the example below
aws cloudwatch describe-alarms --state-value ALARM
Does this fit your needs https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cloudwatch/describe-alarm-history.html ?
Please check aws cloudwatch there are several options for alarms.
Related
I want to receive notifications from AWS Eventbridge when there's a scheduled event for my Amazon Elastic Compute Cloud (Amazon EC2) instance.
I created an Eventbridge rule and set the target to an already working SNS topic. The SNS topic is subscribed to a working Lambda function that is used for other "Cloudwatch to slack" alarms already. The eventbridge setting is as follows:
{
"source": ["aws.health"],
"detail-type": ["AWS Health Event"],
"detail": {
"service": ["EC2"],
"eventTypeCategory": ["scheduledChange"]
}
}
I already got an EC2 scheduled maintenance(reboot) notification as e-mail from AWS, but this eventbridge I created did not trigger for that and did not send any notification to the slack channel.
I am unsure now if I am missing something in the setting. I am setting it for the first time and no way to simply test it with fake input. It is supposed to work even if there is a single schedule event that appears in the top bell icon(as shown in the screenshot above), correct?
In order to find out the root cause of this issue, I suggest to take a look a the CloudWatch usage metrics for SNS. SNS reports the following metrics which might be useful for you: NumberOfMessagesPublished, NumberOfNotificationsDelivered NumberOfNotificationsFailed. If you find these metrics reported an they have a value different than 0, this means that SNS receives events from Event Bridge and the problem is somewhere else.
If you are using a Lambda to send messages to Slack, you should take a look at the logs in CloudWatch to see if the Lambda did execute successfully. You might want to check out the setup for Lambda recommended by AWS: (link)
For further debugging you may want to check out test-event-pattern CLI command.
It is supposed to work even if there is a single schedule event that appears in the top bell icon(as shown in the screenshot above), correct?
Yeah, it supposed to work even if there already is an event.
I'm having a similar issue with eventbridge rule being built with cloudformation. I had to manually go into the eventbridge rule via the AWS console and go to the trigger and select the SNS topic again. It now works. It took me a while to figure out. Can you confirm that the fix did that for you as I'm not sure how to fix this...
We are using cloudwatch metrics filter and setup alarm and send notification through SNS - Email.
We are wondering if it is possible to also see logs that triggers the alarm in the email? or is it possible to do so with the help with a custom lambda function?
Thanks
Locally, you may try to have the following set up.
CloudWatch Alarm
SNS-log-reader with lambda as a subscriber
SNS-send-mails with e-mails as a subscriber
So the logic would be - Alarm trigger SNS-log-reader. Then lambda which is mapped to *SNS-log-reader can read the logs from LogGroup, build the message in needed format and send to e-mail/s via SNS-send-mails (or Simple Email Service (Amazon SES))
I want to count number of successful IoT connection and messages at a time , based upon that I want to apply a notification if it increases by some threshold.
I could not see any cloudwatch matrices/event for the same.
Please guide
You have a couple options. You can create a topic rule that listens on lifecycle topics. The rule could push a custom metric into AWS Cloudwatch or invoke a lambda that has more complex logic.
Another option would be to turn on the IOT logs, and setup a Lambda subscription to the IoT log group. The Lambda function could then push a custom metric into AWS CloudWatch.
I am using cloudwatch to trigger AWS Lambda. Now to create this trigger first of all I have to create rule then I need to add target and then I need to add permission policy to that lambda function. Now the problem is there is a policy length limit(20k) for each lambda function and each cloudwatch trigger increase policy length. So if there are around 60 cloudwatch rules my lambda can still handle all of those events as size is still less than 20k, but after that if rules increase I get http://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html "policy length exceed exception error".
I know I can delete the policy by using removePermission method but that is not efficient because if there are around 100 rules present in cloudwatch which are triggering my lambda function then my lambda function can't handle that much amount of policy length.
This is how I solved it.
Cloudwatch Alerts --> SNS --> Lambda
No subscription, no permissions configuration needed. You can create multiple different SNS notifications if you want to isolate different team based on your alerts.
Steps:
Create SNS with a topic
Send Cloudwatch Alerts to SNS
Subscribe Lambda to that SNS Topic
Receive Alerts to Lambda!
Hope it helps.
I would like to create a cloudwatch alarm for the sns metric NumberOfMessagesPublished on a new sns topic. If I attempt to do this before I trigger the topic (and there is no data for it) then the option to create an alarm does not exist in the web console.
How can I do this with the web console? Is using a cli tool the only option?
I noticed that too -- you cannot select a metric until the data has been sent to CloudWatch.
I suspect that CloudWatch actually doesn't have any visibility into metrics until they are sent from the originating service into CloudWatch. Thus, it can't populate the console because it doesn't know what data will be sent. That would be a nice, loosely-coupled design.
My experiments show that it is possible create an alarm via the AWS Command-Line Interface (CLI) on metrics that do not exist -- even within the EC2 namespace. That's the way to go!
I suggest you to use Cloudformation. It is the best way to create resources stack in AWS and overall you can easily experiment with it and delete everything when you are done. Here there is a sample application that uses Cloudformation and Cloudwatch https://github.com/awslabs/cloudwatch-dashboards-cloudformation-sample
The manual solution I went with was to create the sns topic and then use the Publish to topic option in the sns menu to send out a test message to my subscribers. This creates a set of notifications without the need to set off the cloudwatch rule. After this the option appears in the cloudwatch alarm creation menu.
The other CLI options would be better for automation.
Yes, it is possible. The AWS Official Documentation answers your question. Just to quote the relevant lines:
You can create an alarm for a custom metric before you've created that custom metric. For the alarm to be valid, you must include all of the dimensions for the custom metric in addition to the metric namespace and metric name in the alarm definition.