Skip to main content

AWS CloudWatch LAM Reference

This is a reference for the AWS CloudWatch LAM and UI integration. The AWS CloudWatch LAM configuration file is located at $MOOGSOFT_HOME/config/aws_lam.conf.

The following properties are unique to the AWS CloudWatch LAM and UI integration.

See the LAM and Integration Reference for a full description of all common properties used to configure LAMs and UI integrations.LAM and Integration Reference

See the AWS CloudWatch documentation for details on AWS CloudWatch components.

access_key_id

The Access Key ID received at the time of creating the AWS account.

Type

String

Required

Yes, if not using encrypted_access_key_id

Default

N/A

encrypted_access_key_id

The encrypted access key id. To use this field, comment out the access_key_id field. If both fields are uncommented, then encrypted_access_key_id will be used.

Type

String

Required

Yes, if not using access_key_id

Default

N/A

secret_access_key

The secret access key you receive when you create an AWS account.

Type

String

Required

Yes, if not using encrypted_secret_access_key

Default

N/A

encrypted_secret_access_key

An encrypted secret access key. To use this field, comment out the secret_access_key field. If both fields are uncommented, then encrypted_secret_access_key will be used.

Type

String

Required

Yes, if not using secret_access_key

Default

N/A

role_arn

Role ARN of the delegated role. If credentials (access_key_id and secret_access_key) are provided, it is assumed that it belongs to a user from the account trusted with role delegation. If no credentials are provided, SDK falls back on environment variables, SDK or instance roles for them.

Type

String

Required

No

Default

N/A

role_session_validity

Duration (in seconds) for which temporary credentials remain valid for sending requests to AWS.

Type

Integer

Required

Yes

Default

3600

exclude_protected_regions

When true, US Government and Chinese regions are not added when aws_all_regions is used in either the alarms or events filter. When false, all regions are included.

Type

Boolean

Required

Yes

Default

true

filter

Filters alarms and/or events fetched from AWS CloudWatch by region. You can use a maximum of one alarm filter and one event filter at a time. By default, all alarms and events from your AWS account are forwarded to Moogsoft Enterprise. If you do not want to use filtering, comment out the filter section.

Type

Object

Required

No

Default

N/A

Valid Values

See the alarms and events properties below.

Example

filter:
{
    alarms:
    { 
        "aws_all_regions":
        {
            #alarm_name_prefix            : "",
            alarms_to_monitor             : ["alarm1", "alarm2"]
        }
        #,
        #"us-west-2":
        #{
        #    alarm_name_prefix            : "alarm",
        #    alarms_to_monitor             : ["3", "4"]
        #}
    
    events:
    {
        "aws_all_regions":
        {
            filter_pattern              : "scheduled",
            log_group_to_monitor         : ["/aws/lambda/event1"]
        }
        #,       
        #"ap-south-1":
        #{
        #    #filter_pattern               :"",
        #    log_group_to_monitor         :["/aws/lambda/event2", "/aws/lambda/event3"]
        #}
    }
}

alarms

Filters the alarms received from AWS CloudWatch by region. The alarm_name_prefix filters alarms based on their prefixes. The aws_all_regions filter applies to all regions that have not been separately filtered. Note that you can only use one of these filters at a time.

Type

String

Required

No

Default

N/A

The LAM can fetch alarms from multiple regions.In the state file, there are 15 regions to fetch the alarms, and for logs there is one common timestamp which is used to fetch events from all the applicable regions. These are as follows:

"alarms":
        {
            "ap-south-1":1509610912603,
            "eu-west-3":1509610912603",
            "eu-west-2":1509610912603,
            "eu-west-1":1509610912603,
            "ap-northeast-2":1509610912603,
            "ap-northeast-1":1509610912603,
            "ca-central-1":1509610912603,
            "sa-east-1":1509610912603,
            "ap-southeast-1":1509610912603,
            "ap-southeast-2":1509610912603,
            "eu-central-1":1509610912603,
            "us-east-1":1509610912603,
            "us-east-2":1509610912603,
            "us-west-1":1509610912603,
            "us-west-2":1509610912603
        },

"logevent":1509610854792

events

Filters the events from AWS CloudWatch by region. log_group_to_monitor specifies the log group to filter within a region. The filter_pattern filters events within the specified log group. The aws_all_regions filter applies to all regions that have not been separately filtered.

Type

String

Required

No

Default

N/A