stackoom
  简体   繁体   中英

Parse a CloudWatch alert in AWS Lambda Python function

 原文  2018-03-08 16:50:24       python-3.x/ amazon-web-services/ aws-lambda

Question

I'm working on Lambda function that will perform several actions based on CloudWatch alerts.

The JSON format of the alerts is: 

{
    'SignatureVersion': '1',
    'Timestamp': '2018-03-08T16: 06: 27.163Z',
    'MessageId': 'df82d564-1651-5dc6-a37a-867f779226ec',
    'Message': '{
        "AlarmName": "awsec2-i-08c38bb8af7962797-CPU-Utilization",
        "AlarmDescription": "Created from EC2 Console",
        "AWSAccountId": "111111111111",
        "NewStateValue": "ALARM",
        "NewStateReason": "Threshold Crossed: 1 datapoint [1.49999999999939 (08/03/18 16:04:00)] was greater than or equal to the threshold (1.0).",
        "StateChangeTime": "2018-03-08T16:06:27.124+0000",
        "Region": "EU (Ireland)",
        "OldStateValue": "OK",
        "Trigger": {
            "MetricName": "CPUUtilization",
            "Namespace": "AWS/EC2",
            "StatisticType": "Statistic",
            "Statistic": "AVERAGE",
            "Unit": null,
            "Dimensions": [
                {
                    "name": "InstanceId",
                    "value": "i-08c38bb8af7962797"
                }
            ],
            "Period": 60,
            "EvaluationPeriods": 1,
            "ComparisonOperator": "GreaterThanOrEqualToThreshold",
            "Threshold": 1.0,
            "TreatMissingData": "",
            "EvaluateLowSampleCountPercentile": ""
        }
    }',
    'Type': 'Notification',
    'TopicArn': 'arn:aws:sns:eu-west-1: 11111111111:test',
    'Subject': 'ALARM: "awsec2-i-08c38bb8af7962797-CPU-Utilization" in EU (Ireland)'
}

What I need to understand is how I tell my function to extract only the InstanceId value and use it as variable for the rest of the function.

1 answers

solution1
 4 ACCPTED  2018-03-08 21:59:49

The Message is JSON provided as a string. To access the contents of the string, you'll need to use the json.loads() function: 

import json

alert = ... (from CloudWatch)

message = json.loads(alert['Message'])

[msg['value'] for msg in message['Trigger']['Dimensions'] if msg['name']=='InstanceId']

However, please note that this will merely output the InstanceId that was provided as the Dimension for the alarm. It is not specifically saying that this instance caused the alarm (but that is true).

For example, you could create an alarm based on a group of EC2 instances. If the average CPU went above a threshold, the alarm would be triggered. However, the dimension would relate to the group , not a specific instance.

Think of it as saying "The Alarm with a filter of Instance i-xxx has been triggered" , as opposed to saying "Instance i-xxx triggered the alarm" .

As long as your alarm is always based on a single instance, then the Dimension will be what you expect.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS Lambda function + Cloudwatch, how to pass the right parameters to a timed execution CloudWatch logs stream to Lambda python Can I create/delete a cloudwatch event rule for an AWS lambda function from within that function? Python AWS Lambda function locally using python-lambda-local AWS Lambda python library function error Get environment name in AWS Lambda function in python Delete trigger on a AWS Lambda function in python Problem with library loading in AWS lambda function - Python AWS Lambda Python function remove trailing unicode Update an environment variable of an AWS Lambda function in python
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM