Creating cloudwatch alarms for specific log groups

1
votes

I want to create a cloudwatch alarm that triggers when a specific word, "exception", shows up in my log. I have four different log groups, three for lambda programs and one for an elastic beanstalk instance.

I would like to have an alarm that only triggers "exception" shows up a specific log group. Is this possible or will my alarm just trigger when "exception" shows up in any of the four log groups?

1
amazon-web-servicesamazon-cloudwatchamazon-cloudwatchlogs

1 Answers

1
votes

This is possible, with the caveat that your one alarm becomes four alarms.

Here is an example implementation:

  1. You have four log groups: one for each of your three lambdas and your beanstalk instance.
  2. Each log group has a metric filter that increments an associated metric by 1 when "exception" shows up in the logs. The 'Example: Count Log Events' link in the section below describes exactly how to do this.
  3. Each metric has its own distinct alarm that fires when sum > 0 for X minutes.

So you'll have four log groups, four metric filters, four metric, and four alarms. This will allow each of your apps have their own distinct alerting workflow, so that they won't step on each other.

Further Reading