I am new with AWS and I m trying to find a way to get alarms from cloud watch. I set up an SNS topic and set a server endpoint but I relize that this needs confirmation of subscription.Do you know how to set up the webhook or if there is a call for getting alarms?
Go to CloudWatch
Choose Alarms from the left menu
Create Alarm
Select your metric
Specify metric and conditions then next
In the Configure actions part you may select an SNS Topic from the dropdown list.
Fill name, description on the next step
Preview and create.
Edit:
For subscription part; i've created a topic and a lambda for it's subscription which will get SNS event and send it to slack. There are other options such as http(s) calls, email, sms etc.
Related
I'm pretty new to AWS but I did some research about my issue and I couldn't find an answer anywhere so hopefully someone can help me with this.
I would like to be notified on Slack whenever someone logs in with a Root account on any of my AWS accounts. I have set up Cloudtrail at the Organisation level to monitor cloudtrail logs on all my AWS account. I have set up a Cloudwatch alarm to trigger whenever a root account is used, the alarm is then sent to a SNS topic that sends it to a Lambda that triggers a message to Slack.
All of this is working fine. However, the message I receive from SNS is basically the following: The alarm (root_login) has been trigerred
Ideally I would want to receive the Cloudwatch event that shows me more information like the IP Address of the user, the AWS account where it occured, etc...
Basically I would like to receive the Cloudwatch event log to the lambda instead of the Cloudwatch alarm trigger. Is that something that is possible?
Thanks
Yes that is possible. Here are some instructions from the AWS site on the aws-sns-to-slack-publisher. The page contains the steps you need to take to deploy .
Here is an example of publishing a health event to slack.
You will ofcourse need to modify the code to meet your requirements.
I have to monitor CloudWatch logs for particular lambda. When the specific error message such as HTTP-50X is logged to CloudWatch, then we need to send an email notification to alert that the something is wrong.
We need help to create alert email in AWS to monitor manually the logs to see if there is any such error logged.
This is exactly what metric filter is for. Create a metric filter that monitors your log group for specific pattern. Then create a CloudWatch alarm based on a new metric and configure it with an SNS action. Then simply subscribe your email to that SNS topic.
All of this can be easily done via CloudFormation(Metric filter, Alarm, SNS). You can also use CDK.
You can process/monitor logs in real-time using lambda functions. Checkout Using AWS Lambda with Amazon CloudWatch Logs and Real-time Processing of Log Data with Subscriptions for details.
Hi there I'm creating an alarm which I want to post to an SNS topic which triggers a lambda. I do not want the alarm to email anyone. However, i am repeatedly getting errors such as the following:
(Warning: this alarm is not configured to notify. Please modify this alarm and add an email address.)
Do I have to specify an email address?
This might be related to the way that the Alarm was created on the Scaling Policy.
When an Amazon SNS topic already exists and an Alarm is created on a Scaling Policy, the UI looks like this:
This allows an existing SNS topic to be selected.
However, when there is no SNS topic and the user clicks create topic, the UI looks like this:
It is possible that the interface is using the 2nd configuration and the "with these recipients" field is empty.
If so, you can cancel that selection and choose the SNS topic from the drop-down list.
I am trying to create CloudWatch alarms in N. California region because that is where my EC2s are.
I want to send a notification to an SNS topic that supports both email and SMS, which n. california does not, so I created an SNS topic in Oregon instead which supports both.
The topic does not appear in the "Send Notification To:" dropdown, reading online it seems like i'm supposed to be able to click 'enter list' and put in an ARN from another region, however when I do this I get an error saying:
Error:
There was an error saving the alarm. Please try again.
Cross region SNS will not be available to be configured for CloudWatch alarm notifications.
Alternatively, the following steps will help you achieve the same though not a fancy way of doing.
Configure a SNS in the same region and configure CloudWatch to send alarm notifications to this SNS in the same region
Subscribe a Lambda as a consumer for this SNS to listen and process the events sent from CloudWatch
The Lambda will reside in the same region which will receive the event from local SNS and publish (literally forward) the message (using SNS publish method) to the SNS in a different region.
The SNS in other region can have SMS and/or email subscriptions.
I know that the AWS sends emails about any EC2 instances with Scheduled Events, but I would also like to have these notifications sent through HipChat and text message as well. Is there a default way of selecting a setting that can do this in AWS? Or would I have to create a more custom solution to achieve this?
With Scheduled Events in EC2 being manual tool for monitoring health of instances as of right now, there isn't many options. From the design point of view on AWS platform, this could be one possible solution:
Create AWS SES mailbox and enable it to receive emails,
Create a forwarding rule in your original e-mail inbox where you receive those e-mail notifications from AWS about Scheduled Events to forward e-mails of this type (based on filter you define) to the previously created AWS SES mailbox,
In your AWS SES mailbox create "Receipt Rule" with SNS Action, that will basically publish entire content of the e-mail to the SNS Topic using AWS SNS. (The SNS topic you choose must be in the same AWS region as the Amazon SES endpoint you use to receive email)
Once that e-mail content lands in AWS SNS Topic as an event, you can use AWS Lambda subscribed to your SNS topic as a handler of the event, parse what you need and forward customized notification to any of your third-party (outside of AWS) alerting tools (such as PagerDuty, Slack channel, HipChat, or whatever you use for SMS notifications).
This design does have one week point: relying onto your external mailbox forwarding system (if you are receiving Scheduled Events e-mails in inbox not based on AWS SES).
Ideally you could try to see in your AWS Account settings if it is possible to use AWS SES mailbox for Scheduled Events notifications, but I haven't tried that.
You can receive text messages as notification by setting alarm for that ec2 instance e.g if CPU usages goes above 80% then create an alarm and eventually you can set it to get emails or text messages. Thanks