In this lab, we’ll walk through the process to filter over existing logging data inside of CloudWatch Logs. We’ll start by creating a SNS topic without a subscription, then filter our CloudWatch Logs data to create a metric filter. After creating a metric filter and defining our metric, we will configure an alarm to send notifications to our created SNS topic.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create an SNS Topic Named ErrorTopic without a Subscription
Navigate to to the SNS dashboard and create a SNS topic named
ErrorTopic.Do not enable a subscription for this SNS topic.
- Create a Metric Filter on the TrackMyErrors CloudWatch Logs Log Group Filtering for StatusCode 500
Navigate to the CloudWatch Logs dashboard and create a metric filter on the TrackMyErrors CloudWatch Logs Log Group.
Create a metric filter named
StatusCode500using the following filter:
[host, logName, user, timestamp, request, statusCode=5*, size].Note: Use this exact filter for grading purposes.
Create a metric based on this filter; name your metric and namespace
StatusCode500.- Create an Alarm Based on the Metric You Created
Navigate to the
StatusCode500metric (in CloudWatch’s All metrics view) and wait a short period for data to populate in the metric dashboard.After you see data plotted for the metric, create an alarm for the metric. Name the alarm
StatusCode500.Set the alarm statistic to Sum and the period to 1 minute. Configure the threshold to trigger whenever there are more than four events in the 1-minute period.
Configure the alarm action to send notifications when it is In Alarm to the SNS topic you created.
