I'm using AWS Cloudwatch to monitor application log files on my AWS EC2 instances. Is there a way to include Custom data (I.E. stack trace) in the Cloudwatch Alert when it is triggered by the metric I define?
I ended up routing the alert event to a REST service I wrote rather than to the SNS notification group. The web service uses the "event name" and timestamp to generate a custom notification. It pulls diagnostic information from several services, including our ELK stack, and includes it in the custom notification along with the typical Cloudwatch Alert data. The web service then sends the custom notification to the original SNS notification group to be distributed.
Related
2 weeks back, I saw a notification in AWS saying, the one of the 3 AWS EC2 instance will be stopped because of the underlying hardware cause. I almost missed the dead line as I didn't the notification via email. Is there a way get these notification via email?
It would be much better if I can get the notifications using cloud watch to my email.
If you're on Business or Enterprise Support, AWS provides a solution named "AWS Health Aware" built on top of AWS Health API, it does exactly what you're after sends you notifications via several methods including emails regarding outages and planning maintenance that affect your account(s).
If you're on a Basic support plan you can easily built something similar yourself using based on [AWS Health events][2]
This is an example of capturing AWS Health events via EventBridge so they can be further send to a lambda or SNS
https://docs.aws.amazon.com/health/latest/ug/cloudwatch-events-health.html
What I've done in the is following:
Capturing AWS Health events via EventBridge in spoke accounts and forward them to the event bus in my hub account
In the hub account I would subscribe a lambda function for all events with source "aws.health" and then send email or slack message whatever works for you.
I think Amazon EventBridge is what you are looking for. With EventBridge you can detect and react to different events such as EC2 instances scheduled for updates. You can, for example, create a rule for detecting a specific health event and in the target section choose to receive an email through SNS or invoke a CloudWatch log group, etc. Read more here.
I have to monitor CloudWatch logs for particular lambda. When the specific error message such as HTTP-50X is logged to CloudWatch, then we need to send an email notification to alert that the something is wrong.
We need help to create alert email in AWS to monitor manually the logs to see if there is any such error logged.
This is exactly what metric filter is for. Create a metric filter that monitors your log group for specific pattern. Then create a CloudWatch alarm based on a new metric and configure it with an SNS action. Then simply subscribe your email to that SNS topic.
All of this can be easily done via CloudFormation(Metric filter, Alarm, SNS). You can also use CDK.
You can process/monitor logs in real-time using lambda functions. Checkout Using AWS Lambda with Amazon CloudWatch Logs and Real-time Processing of Log Data with Subscriptions for details.
I am new with AWS and I m trying to find a way to get alarms from cloud watch. I set up an SNS topic and set a server endpoint but I relize that this needs confirmation of subscription.Do you know how to set up the webhook or if there is a call for getting alarms?
Go to CloudWatch
Choose Alarms from the left menu
Create Alarm
Select your metric
Specify metric and conditions then next
In the Configure actions part you may select an SNS Topic from the dropdown list.
Fill name, description on the next step
Preview and create.
Edit:
For subscription part; i've created a topic and a lambda for it's subscription which will get SNS event and send it to slack. There are other options such as http(s) calls, email, sms etc.
I am trying to receive an update when a new EC2 security group is created. Haven't had much luck. There have been a lot of resources online however they don't deal with what I'm trying to do. All I need is an SNS notification when a new security group is created for some reason this is proving harder than it should.
Any suggestions on how I may be able to get this to work?
Thanks
The AWS Config service should serve this purpose perfectly.
It allows you to 'listen' for changes on certain (or all) types of resources and perform certain actions in response.
In your situation you could set up listeners for EC2:SecurityGroup events and have these events trigger notifications being sent to an SNS endpoint of your choice.
See some of the docs on streaming AWS Config events to SNS here.
Three are two services of interest:
Amazon CloudWatch Events can use rules to trigger an action when something happens (eg a Security Group is created)
Amazon Config keeps track of historical configurations
For your use-case, I would recommend an Amazon CloudWatch Events Rule:
Service Name: EC2
Event Type: AWS API Call via CloudTrail
Specific Operation: CreateSecurityGroup
Add Target: Specify an SNS Topic to receive the notification
I know that the AWS sends emails about any EC2 instances with Scheduled Events, but I would also like to have these notifications sent through HipChat and text message as well. Is there a default way of selecting a setting that can do this in AWS? Or would I have to create a more custom solution to achieve this?
With Scheduled Events in EC2 being manual tool for monitoring health of instances as of right now, there isn't many options. From the design point of view on AWS platform, this could be one possible solution:
Create AWS SES mailbox and enable it to receive emails,
Create a forwarding rule in your original e-mail inbox where you receive those e-mail notifications from AWS about Scheduled Events to forward e-mails of this type (based on filter you define) to the previously created AWS SES mailbox,
In your AWS SES mailbox create "Receipt Rule" with SNS Action, that will basically publish entire content of the e-mail to the SNS Topic using AWS SNS. (The SNS topic you choose must be in the same AWS region as the Amazon SES endpoint you use to receive email)
Once that e-mail content lands in AWS SNS Topic as an event, you can use AWS Lambda subscribed to your SNS topic as a handler of the event, parse what you need and forward customized notification to any of your third-party (outside of AWS) alerting tools (such as PagerDuty, Slack channel, HipChat, or whatever you use for SMS notifications).
This design does have one week point: relying onto your external mailbox forwarding system (if you are receiving Scheduled Events e-mails in inbox not based on AWS SES).
Ideally you could try to see in your AWS Account settings if it is possible to use AWS SES mailbox for Scheduled Events notifications, but I haven't tried that.
You can receive text messages as notification by setting alarm for that ec2 instance e.g if CPU usages goes above 80% then create an alarm and eventually you can set it to get emails or text messages. Thanks