Moogsoft Docs

Configure the AWS SNS LAM

The AWS SNS LAM receives and processes CloudWatch alarms forwarded to Moogsoft AIOps. The LAM parses the alarms into Moogsoft AIOps events.

You can install a basic AWS SNS integration via the UI. See AWS SNS for integration steps.

Configure the AWS SNS LAM if you want to configure custom properties, set up high availability or configure advanced options that are not available in the UI integration.

Before You Begin

Before you configure the AWS SNS LAM, ensure you have met the following requirements:

  • You have an active AWS account.
  • You have the necessary permissions to create Lambda functions and SNS topics within AWS.
  • You have configured AWS SNS topics for your CloudWatch alarms.
  • AWS SNS can make requests to external endpoints over port 443. This is the default.

If you are configuring a distributed deployment refer to High Availability first. You will need the details of the server configuration you are going to use for HA.

Configure the LAM

Edit the configuration file to control the behavior of the AWS SNS LAM. You can find the file at $MOOGSOFT_HOME/config/sns_lam.conf

The AWS SNS LAM is a REST-based LAM as it provides an HTTP endpoint for data ingestion. See the REST LAM Reference for a full description of all properties. Not all properties for the generic REST LAM apply to the AWS SNS LAM.

Some properties in the file are commented out by default. Uncomment properties to enable them .

  1. Configure the connection properties for the REST connection:
    • address : Address on the Moogsoft AIOps server that listens for REST messages. Defaults to all interfaces.
    • port : Port on the Moogsoft AIOps server that listens for REST messages. Defaults to 48017.
  2. Configure authentication:
    • authentication_cache : Whether to cache the username and password for the current connection when the authentication type is Basic.
  3. Configure the LAM behavior:
    • num_threads : Number of worker threads to use.
    • rest_response_mode : When to send a REST response. See the REST LAM Reference for the options.
    • rpc_response_timeout : Number of seconds to wait for a REST response.
    • event_ack_mode : When moogfarmd acknowledges events from the AWS SNS LAM during the event processing pipeline.

  4. Configure the SSL properties if you want to encrypt communications between the LAM and the REST connection:
    • use_ssl : Whether to use SSL certification.
    • path_to_ssl_files : Path to the directory that contains the SSL certificates.
    • ssl_key_filename : The SSL server key file.
    • ssl_cert_filename : The SSL root CA file.
    • use_client_certificates : Whether to use SSL client certification.
    • client_ca_filename : The SSL client CA file.
    • auth_token or encrypted_auth_token : Authentication token in the request body.
    • header_auth_token or encrypted_header_auth_token : Authentication token in the request header.
    • ssl_protocols : Sets the allowed SSL protocols.

  5. Optionally configure the LAM identification and logging details:

    • name : Identifies events the LAM sends to the Message Bus.
    • capture_log : Name and location of the LAM's capture log file.

    • configuration_file : Name and location of the LAM's process log configuration file.
  6. Optionally configure severity conversion. See Severity Reference for further information and "Conversion Rules" in Data Parsing for details on conversions in general.


An example AWS SNS LAM configuration is as follows.

	name                    		: "Rest Lam Monitor",
	class                   		: "CRestMonitor",
	port                    		: 48017,
	address                 		: "",
	use_ssl                 		: false,
	#path_to_ssl_files       		: "config",
	#ssl_key_filename        		: "server.key",
	#ssl_cert_filename       		: "server.pem",
	#use_client_certificates  		: false,
	#client_ca_filename      		: "ca.crt",
	#auth_token              		: "my_secret",
	#encrypted_auth_token    		: "dfJtTQMGiFHfiq7sCmxguBt6Jv+eytkoiKCquSB/7iWxpgGsG2aez3z2j7SuBtKj",
	#header_auth_token           	: "my_secret",
	#encrypted_header_auth_token 	: "dfJtTQMGiFHfiq7sCmxguBt6Jv+eytkoiKCquSB/7iWxpgGsG2aez3z2j7SuBtKj",
	#ssl_protocols					: [ "TLSv1.2" ],
	authentication_type				: "basic",
	#jwt							:
										#secretKey	: "secret",
										#sub		: "moogsoft",
										#iss		: "moogsoft",
										#aud		: "moogsoft",
										#jti		: ""
	authentication_cache			: true,
	accept_all_json          		: true,
	lists_contain_multiple_events 	: true,
	num_threads              		: 5,
	rest_response_mode 				: "on_receipt",
	rpc_response_timeout			: 20,
	event_ack_mode 					: "queued_for_processing"
	name    						: "AWS SNS",
	#capture_log					: "$MOOGSOFT_HOME/log/data-capture/sns_lam.log"
	configuration_file				: "$MOOGSOFT_HOME/config/logging/sns_lam_log.json"

Configure for High Availability

Configure the AWS SNS LAM for high availability if required. See HA Configuration for details.

Configure LAMbot Processing

The AWS SNS LAMbot processes and filters events before sending them to the Message Bus. You can customize or bypass this processing if required. You can also load JavaScript files into the LAMbot and execute them.

See LAMbot Configuration for more information. An example AWS SNS LAM filter configuration is shown below.

    presend: "SnsLam.js",
    modules: [ "CommonUtils.js ]

Start and Stop the LAM

Restart the AWS SNS LAM to activate any changes you make to the configuration file or LAMbot.

The LAM service name is snslamd .

See Control Moogsoft AIOps Processes for the commands to start, stop and restart the LAM.

You can use a GET request to check the status of the AWS SNS LAM. See "Check the LAM Status" in Configure the REST LAM for further information and examples.

Configure AWS SNS

After you have the AWS SNS LAM running and listening for incoming requests, you can configure AWS SNS. See "Configure AWS SNS" in AWS SNS .