AWS Cloudwatch

Prerequisites:

This section explains on how to integrate and ingest alerts from AWS Cloudwatch monitoring service into CloudFabrix AIOPs platform.

AWS Cloudwatch monitoring service supports alert notifications via Simple Notification Service (SNS) with a subscription feature. Alerts can be defined to send notifications through HTTP/HTTPS, Email, SMS and other methods by subscribing to SNS topic. CloudFabrix AIOPs platform uses webhook notification method using HTTPS subscription into SNS topic from AWS Cloudwatch monitoring service to receive and ingest the alerts or events.

Click here for Alert Sources to create a Webhook URL for AWS Cloudwatch alert notifications in CloudFabrix OIA application.

Configure AWS Cloudwatch for Alert notifications over a Webhook:

Step 1: Login into AWS portal with user account which has enough privileges to create and configure AWS Cloudwatch alarm (or alerts) notifications.

AWS portal login screen

Step 2: Under AWS Management Console, search for SNS service to create SNS topic and an HTTPS subscription for alert notifications.

Step 3: Under Amazon SNS service page, click on Topics and click on Create Topic button to create a new SNS topic.

Step 4: Add topic name under Name and topic description under Display Name fields and click on Create topic.

Step 5: Under newly created SNS topic, click on Create subscription to subscribe for Alarm/Alert notifications over HTTPS protocol.

Step 6: Select SNS Topic under Topic ARN field, select HTTPS under Protocol field and under Endpoint enter the Webhook URL that was created for AWS Cloudwatch alert notifications under CloudFabrix OIA application.

Step 7: After creating the subscription over HTTPS protocol, AWS SNS topic will publish a confirmation URL to validate specified Webhook URL. CloudFabrix OIA's alert-ingestion service should receive the confirmation URL from AWS which can be obtained from it's service logs. Below is a sample log capture steps to view subscription confirmation URL from alert-ingestion service.

  1. Login into cfxDimensions Platform VM.

  2. Run macaw services status | alert-inges command to get alert-ingester service details

  3. From the below screen you can get cfxDimensions Service VM's IP/FQDN (2) on which alert-ingestor service is running, alert-ingestor service container ID (3) and service name (4)

  4. Enter the command as shown in the below (2nd screen) to tap into the alert-ingestor service logs to get confirmation URL from AWS.

cfxDimensions Platform - macaw CLI

Step 8: Back to AWS SNS Topic screen on AWS portal. Once you copy the subscription confirmation URL from alert-ingestor service logs, click on Confirm Subscription button to confirm and validate by entering the subscription URL. Below are available options under SNS topic.

  • Confirm subscription: To confirm and validate the created Subscription

  • Request confirmation: To generate another subscription URL for confirmation/validation.

  • Edit: To edit the SNS topic configuration settings.

  • Publish message: To send a test message to the subscribers. (Note: This would only work after validating the Subscription URL)

Step 9: Now, go to AWS Management Console and search for Cloudwatch monitoring service.

Step 10: Under Alarms, click on ALARM to create a new alarm or to edit an existing alarm.

Step 11: For each monitored Metric in AWS Cloudwatch, under Notification section, make sure to create a notification for In alarm, OK and Insufficient data alarm states.

AWS Cloudwatch Alert Field Mappings:

AWS Cloudwatch Field

CFX OIA Field

InstanceId/MetricName

key

NewStateReason

message

InstanceId

assetName

NewStateValue

ALARM = Open, OK = Cleared

StateChangeTime

raisedAt

StateChangeTime

clearedAt

NewStateValue

severity

MetricName

alertType