1

my end goal is to have a Notification Lambda that is triggered when any other lambda has an error. I want this Notification Lambda to receive the logged error and to send out a notification such as an email with the problem lambda name + the error message. Ideally I'd like a link to the log location in the AWS console, but that seems a stretch.

Cloudwatch logs have errors like:

{
  "errorMessage": "2020-02-20T16:13:04.888Z abca3f75-d37f-4f3a-88f4-3d1ef49bb285 Task timed out after 3.00 seconds"
}

I have been trying to set up a cloudwatch event rule that is triggered on a filter for a lambda that contains the text "errorMessage" and passes on the error message to the Notification Lambda.

I have not been able to get anything to work. Could someone point me to the correct way to write an cloudwatch event rule that filters for a) lambda b) the text "errorMessage" and passes on the error message + ideally the lambda name to a topic or directly to a lambda?

All the examples I see to solve this problem are using alarms which only pass information about the alarm, not the actual problem.

I want to set this all up in code, but a first step just getting it running via the console would be ok too.

thanks!

Improve this question
1
  • Maybe you could query the logs in the notification lambda based on the alarm timestamp? Commented Feb 21, 2020 at 7:29

1 Answer 1

Reset to default
1

You can try using CloudWatch Logs Subscription Filter and stream them to Lambda

Go to CloudWatch Logs Console, Select the radio button against the Log Group and choose "Actions" dropdown -> "Stream to AWS Lambda"

  1. Choose the Target Lambda Function to process the logs
  2. Choose the log format (In your case Lambda Log Format, if you want specific ERROR messages, choose "Other" and provide structure/Regex)
  3. Click on "Start Streaming" to receive the logs to another lambda

Ref: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/SubscriptionFilters.html#LambdaFunctionExample

Hope this helps !!

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I did get this to work... but there is a missing piece, when the 2nd lambda receives the event containing the logs there is no indication of which lambda had the error. I could make all the logs in the lambdas log their own lambda name/id but for system events like "function timed out" the context is lost.
You will get the log group name in the received event, that will help you identify the source lambda

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.