Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Eventbridge pattern in json

0

I have created a eventbridge rule with cloudwatch log group as source and sns as the target. But i am not receiving email notifications that is registered in the log group. Instead of cloudwatch log group, if EC2 is given, then email notification is success. How to configure the eventbridge json pattern.

  • Gary Mclean EXPERT
    a year ago

    Please confirm what you are trying to achieve? Do you want to parse CW Log stream?

  • Divya
    a year ago

    I’ve set up an EventBridge rule with a CloudWatch Log Group as the source and an SNS topic as the target, but I'm not receiving email notifications. However, notifications work fine when the source is an EC2 instance instead of a CloudWatch Log Group. How should I configure the EventBridge JSON pattern to ensure I receive notifications based on log events?

Topics
Application IntegrationServerlessManagement & GovernanceNetworking & Content DeliverySecurity, Identity, & Compliance
Tags
Amazon CloudWatchAmazon Simple Notification Service (SNS)IAM PoliciesAmazon EventBridge
Language
English
asked a year ago431 views
1 Answer
1
  1. Understanding the CloudWatch Log Event Format When CloudWatch Log Group sends log events to EventBridge, the event follows a certain format. Here is a sample of what the event might look like:
{
  "version": "0",
  "id": "12345678-1234-1234-1234-123456789012",
  "detail-type": "CloudWatch Logs Log Group Event",
  "source": "aws.logs",
  "account": "123456789012",
  "time": "2021-07-01T12:34:56Z",
  "region": "us-west-2",
  "resources": ["arn:aws:logs:us-west-2:123456789012:log-group:/aws/lambda/my-function:*"],
  "detail": {
    "logGroup": "/aws/lambda/my-function",
    "logStream": "2021/07/01/[$LATEST]abcdef1234567890abcdef1234567890",
    "message": "Test log message"
  }
}

2. Defining the Event Pattern

To receive notifications for specific events from CloudWatch logs, you need to match against the source, detail-type, or specific details within the event, such as the log group or log stream.

Here’s an example JSON event pattern that you can use to match CloudWatch Logs events:

{
  "source": ["aws.logs"],
  "detail-type": ["CloudWatch Logs Log Group Event"],
  "detail": {
    "logGroup": ["/aws/lambda/my-function"]  // Update this with your specific log group name
  }
}

This event pattern will capture events specifically from the log group /aws/lambda/my-function.

  1. Configuring the EventBridge Rule Follow these steps to configure the rule in AWS:

Go to the EventBridge Console.

Select Create Rule.

Define the Event Source:

Event Source: Choose Event Pattern.

Service Name: Select CloudWatch Logs as the service.

Event Type: Select CloudWatch Logs Log Group Event.

Use the JSON pattern similar to the one shown above.

Set the Target as Amazon SNS:

Choose the SNS topic where you want to receive the notifications.

Make sure the SNS topic is correctly subscribed to the email address.

4. Testing and Debugging

Ensure the email address is verified in the SNS subscription.

Use the EventBridge Console to check if events from CloudWatch Logs are matched by the rule.

Look at the CloudWatch Logs for the rule to see if there are any errors.

EXPERT
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content