Retrieve Amazon CloudWatch Alarms using REST API - amazon-web-services

I'm trying to retrieve all open Alarms (alerts) from Amazon Monitoring tool: Cloudwatch, using REST API GET.
And while Azure Monitor has a very clear documentation that contains the Alerts Management endpoint:
https://management.azure.com/subscriptions/{SubscriptionID}/providers/Microsoft.AlertsManagement/alerts?includeContext=True&api-version=2018-05-05
On Amazon side, on the other hand. i got confused.
After reading Amazon Cloudwatch documentation.
I understood that i need to pull the data from Cloudwatch Alarms, and not from Cloudwatch Log or Cloudwatch Events.
But i didn't find a corresponding endpoint to use in order to retrieve all the open Alarms (alerts) in Cloudwatch using REST API Get, from the available AWS Service Points:
https://docs.aws.amazon.com/general/latest/gr/rande.html
Can someone shed some light on this please?

https://github.com/awsdocs/aws-doc-sdk-examples/blob/master/ruby/example_code/cloudwatch/cw-ruby-example-show-alarms.rb
here is a ruby example of describe alarms end point. You should be able to do the same using other programming languages as well.

Related

AWS CloudWatch metrics to OpenSearch

I'm working on Centralized Logging of my environnement AWS presented in this guide:https://docs.aws.amazon.com/solutions/latest/centralized-logging/overview.html
I'm using the same architecture as presented in AWS Doc.
I'm searching the possibility to send metrics from CloudWatch of each account to OpenSearch in centralized account. I was thinking of a Lambda function that retrieves each X minutes the data with get_metric_data ? I'm collecting the metrics with CloudWatch Agent
Is there an another method to do it ?
Thank you

How to Monitor/listen aws Services?

Suppose multiple aws services are running (like EC2,S3) and If someone changes the configuration of these services , I want to know immediately and want to pull the updated configuration. So how can i listen to these services to pull configuration immediately . I went through couple of options like aws SNS and all. But i don't want to implement this using any aws services for this.
I am using spring boot application. Any help is appreciated , Thanks in advance.
The two services you should be interested in are:
AWS CloudTrail:
AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Actions taken by a user, role, or an AWS service are recorded as events in CloudTrail. Events include actions taken in the AWS Management Console, AWS Command Line Interface, and AWS SDKs and APIs.
AWS Config:
AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
You can also configure Amazon CloudWatch Events rules that trigger when a particular API call is made (eg when a user changes some configuration). This could trigger a notification, a Lambda function, etc.
See:
Creating a CloudWatch Events Rule That Triggers on an AWS API Call Using AWS CloudTrail - Amazon CloudWatch Events
How to monitor AWS account activity with Cloudtrail, Cloudwatch Events and Serverless

What to prefer AWS XRAY or CloudTrail for analysing user request travelling through Amazon API Gateway

I am preparing for AWS exam and I found some documentation about AWS CloudTrail and AWS X-RAY where it creates confusion on their usage requirement.
I have came across following question where requirement was to trace and analyse the user request as it travels through Amazon API Gateway APIs to underlying services.
As per my understanding, we can use CludTrail to trace and analyse the user request. But the correct answer was AWS XRAY.
The documents which have referred mentions that, we can use AWS CloudTrail logs for tracing,Security Analysis, Resource Change Tracking and Compliance/Auditing. On the other hand, we can use AWS X-RAY to analyse and debug applications running on distributed micro service architecture.
XRAY and CloudTrail usage both have the term Analyse and trace. So it is quite confusing to which service should we choose under such requirement to trace and analyse the user request
X-Ray is more detailed in the information it provides for the request's flow and state. It scans the request all the way through its lifetime from when it is received in the api gateway to whatever services are called and executed after that. So I imagine that is why it is the preferred option.

Mulesoft - Export Log To AWS CloudWatch

I am planning to export logging from MuleSoft CloudHub to AWS CloudWatch.
I saw there is one AWS CloudWatch Connector in GitHub:
https://github.com/mulesoft-labs/mule-amazon-cloudwatch-connector/tree/master/mule-cloudwatch-connector
Is there any examples on how to implement this?
And which AWS CloudWatch features is supported in this connector?
I found other export logs method with examples, but not for AWS CloudWatch:
https://help.mulesoft.com/s/question/0D52T00004mXUALSA4/export-log-to-external-system
Thanks.
You could try to create a Mule application that reads logs from CloudHub using CloudHub's API and pushes them to CloudWatch. The readme for the connector doesn't seem to mention an operation to put logs into CloudWatch, but if CloudWatch has a REST API for it -every AWS product has it- you could use it in your application.
This KB article shows how to get the logs from CloudHub: https://help.mulesoft.com/s/article/How-to-get-whole-Application-logs-from-Cloudhub-through-API

How can I be notified [eg via email] for any change in my AWS account?

I have an AWS account that use multiple devs and teams [dev/qa/mobile].
I would like to be notified when any change takes place in my AWS account.
For example a dev launches a new instance , or a new open port is added in a security group etc and he forgets to announce it to me or the rest of the team.
I want to be fully informed for these changes in order to apply specific architecture and/or security and people tend to mess with them.
Is there any dashboard or service inside AWS that I can customise it?
Someone suggested that I should take a look in CloudTrail.
Has anyone done something like this?
The easiest way to go is to use cloudtrail with cloudwatch logs. In AWS FAQ:
Q:What are the benefits of CloudTrail integration with CloudWatch Logs?
This integration enables you to receive SNS notifications of API activity captured by CloudTrail. For example, you can create CloudWatch alarms to monitor API calls that create, modify and delete Security Groups and Network ACL’s. For examples, go to the examples section of the user guide.
Based on SNS, you can then send email through SES
I think the easier way is to use Amazon Cloudtrail service.
Cloudtrail logs any API call which is made on your AWS account. Every operation done on AWS is and API call (including instances operations as you have requested)
Here you can find more information about it
http://docs.aws.amazon.com/awscloudtrail/latest/userguide/configure-cloudtrail-to-send-notifications.html
I hope this helps somehow.
You can find logs of your AWS account in S3,
Find below path in S3:
s3://security-logging/AWS_/AWSLogs/AWS Account no./CloudTrail/your region/year
You can also integrate CloudTrail with SQS to send notifications.