AWS Cloudwatch
Last updated
Last updated
This section explains on how to integrate and ingest alerts from AWS Cloudwatch monitoring service into CloudFabrix AIOPs platform.
AWS Cloudwatch monitoring service supports alert notifications via Simple Notification Service (SNS) with a subscription feature. Alerts can be defined to send notifications through HTTP/HTTPS, Email, SMS and other methods by subscribing to SNS topic. CloudFabrix AIOPs platform uses webhook notification method using HTTPS subscription into SNS topic from AWS Cloudwatch monitoring service to receive and ingest the alerts or events.
Click here for Alert Sources to create a Webhook URL for AWS Cloudwatch alert notifications in CloudFabrix OIA application.
Step 1: Login into AWS portal with user account which has enough privileges to create and configure AWS Cloudwatch alarm (or alerts) notifications.
Step 2: Under AWS Management Console, search for SNS service to create SNS topic and an HTTPS subscription for alert notifications.
Step 3: Under Amazon SNS service page, click on Topics and click on Create Topic button to create a new SNS topic.
Step 4: Add topic name under Name and topic description under Display Name fields and click on Create topic.
Step 5: Under newly created SNS topic, click on Create subscription to subscribe for Alarm/Alert notifications over HTTPS protocol.
Step 6: Select SNS Topic under Topic ARN field, select HTTPS under Protocol field and under Endpoint enter the Webhook URL that was created for AWS Cloudwatch alert notifications under CloudFabrix OIA application.
Step 7: After creating the subscription over HTTPS protocol, AWS SNS topic will publish a confirmation URL to validate specified Webhook URL. CloudFabrix OIA's alert-ingestion service should receive the confirmation URL from AWS which can be obtained from it's service logs. Below is a sample log capture steps to view subscription confirmation URL from alert-ingestion service.
Login into cfxDimensions Platform VM.
Run macaw services status | alert-inges command to get alert-ingester service details
From the below screen you can get cfxDimensions Service VM's IP/FQDN (2) on which alert-ingestor service is running, alert-ingestor service container ID (3) and service name (4)
Enter the command as shown in the below (2nd screen) to tap into the alert-ingestor service logs to get confirmation URL from AWS.
Step 8: Back to AWS SNS Topic screen on AWS portal. Once you copy the subscription confirmation URL from alert-ingestor service logs, click on Confirm Subscription button to confirm and validate by entering the subscription URL. Below are available options under SNS topic.
Confirm subscription: To confirm and validate the created Subscription
Request confirmation: To generate another subscription URL for confirmation/validation.
Edit: To edit the SNS topic configuration settings.
Publish message: To send a test message to the subscribers. (Note: This would only work after validating the Subscription URL)
Step 9: Now, go to AWS Management Console and search for Cloudwatch monitoring service.
Step 10: Under Alarms, click on ALARM to create a new alarm or to edit an existing alarm.
Step 11: For each monitored Metric in AWS Cloudwatch, under Notification section, make sure to create a notification for In alarm, OK and Insufficient data alarm states.
AWS Cloudwatch Field
CFX OIA Field
InstanceId/MetricName
key
NewStateReason
message
InstanceId
assetName
NewStateValue
ALARM = Open, OK = Cleared
StateChangeTime
raisedAt
StateChangeTime
clearedAt
NewStateValue
severity
MetricName
alertType
