从AWS CloudWatch警报生成的消息中的SQS主题中未获取完整信息
[英]Not getting complete information in SQS topic in the message generated from AWS CloudWatch alarm
问题描述
I have configured an Alarm on CloudTrail events. 
我已经配置了CloudTrail事件警报。 The metric of the alarm is to trigger it when it finds the information in the logs that an instance is terminated. 当警报在日志中找到实例终止的信息时,将触发警报。 The information sends a message to an SNS topic which in turn calls SQS. 该信息将消息发送到SNS主题,该主题又称为SQS。
It is all working as of now. 到现在为止一切正常。 However, when I read SQS I can only see the information of the alarm, but I would like to obtain details of the instance that got terminated. 但是,当我阅读SQS时,我只能看到警报的信息,但是我想获取已终止实例的详细信息。 For example, below is what I see: 例如,下面是我看到的:
{
"Type" : "Notification",
"MessageId" : "1744f315-1042-5248-99a8-bd637aac7da4",
"TopicArn" : "arn:aws:sns:us-east-1:873150696559:chefterm",
"Subject" : "ALARM: \"terminatedchefnodes\" in US - N. Virginia",
"Message" : "{\"AlarmName\":\"terminatedchefnodes\",\"AlarmDescription\":\"terminatedchefnodes\",\"AWSAccountId\":\"873150696559\",\"NewStateValue\":\"ALARM\",\"NewStateReason\":\"Threshold Crossed: 1 datapoint (1.0) was greater than the threshold (0.0).\",\"StateChangeTime\":\"2015-09-18T19:40:30.459+0000\",\"Region\":\"US - N. Virginia\",\"OldStateValue\":\"INSUFFICIENT_DATA\",\"Trigger\":{\"MetricName\":\"TestChefMetric\",\"Namespace\":\"CloudTrailMetrics\",\"Statistic\":\"AVERAGE\",\"Unit\":null,\"Dimensions\":[],\"Period\":900,\"EvaluationPeriods\":1,\"ComparisonOperator\":\"GreaterThanThreshold\",\"Threshold\":0.0}}",
"Timestamp" : "2015-09-18T19:40:30.506Z",
"SignatureVersion" : "1",
"Signature" : "XpE8xR8S8sZPW0Yp642c2lpfiqP9qpXg1w8HCiD4YyWLRyHaQSR5RfSBk7yANJOtApw2nIUGRgpWzBE0j5RkfW4cvRrEcRLudAqO2N5QhCJfjvl48/AxWh1qmDiyrHmr0sTpSTg4zPbMQUs7nDRrW1QwQ6cqy04PTNJuZfBNfAXBlJNCkmeyJ8+klq6edmDijMy6M4D8kAUQ+trmTqTO29/jvT0+yOtBWBIOwiRDHxRfNIJ2vOWz8mjvyU43YDYZD1AG3hDBuSbs7li/8jkY7arsK2R5mDBhYI+o/w8D/W7qdBOGJlby1umVHX4mLQBwuOdLmSxN0P34cG9feuqdlg==",
"SigningCertURL" : "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-bb750dd426d95ee9390147a5624348ee.pem",
"UnsubscribeURL" : "https://sns.us-east-1.amazonaws.com/?Action=Unsubscribe&SubscriptionArn=arn:aws:sns:us-east-1:873150696559:chefterm:467b007c-bb58-4ad6-b05b-ccd159c0515d"
}
But I instead I want to see the instance id information which was there in the CloudTrail logs : 但是我却想查看CloudTrail日志中存在的实例ID信息:
1 个解决方案
解决方案1
1 已采纳 2015-09-21 03:34:50
AWS CloudTrail delivers log files to your Amazon S3 bucket approximately every 5 minutes. AWS CloudTrail大约每5分钟将日志文件发送到您的Amazon S3存储桶。 The delivery of these files can then be used to 'trigger' some code that checks whether a certain activity has occurred. 然后,可以使用这些文件的传递来“触发”一些代码,以检查是否发生了某些活动。 And a good way to run this code is AWS Lambda . 运行此代码的一个好方法是AWS Lambda 。
The basic flow is: 基本流程是:
- AWS CloudTrail creates a log file in Amazon S3 AWS CloudTrail在Amazon S3中创建日志文件
- This triggers a call to AWS Lambda, with custom code that can determine whether the event is of interest 这将触发使用自定义代码的AWS Lambda调用,该自定义代码可以确定事件是否令人感兴趣
- The custom code can send publish a message to Amazon SNS, which can deliver a message via email, HTTP, etc 自定义代码可以将发布消息发送到Amazon SNS,后者可以通过电子邮件,HTTP等传递消息
Here are two articles that describe such a setup: 这是两篇描述这种设置的文章:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.