DEV Community

Contours of Log Metric Filter on CloudTrail Log Group via Filter Patterned

“I have checked the AWS documentation to find a solution for setting up a log metric filter on a CloudTrail log group, so that whenever some config changes in any service, we will be notified of the activity. In terms of cost, there is no charge for the AWS CloudWatch log metric filter feature; you only need to pay for the services integrated with it.”

Amazon CloudWatch monitors your Amazon Web Services resources and the applications you run on AWS in real time. You can use Amazon CloudWatch Logs to monitor, store and access your log files from Amazon Elastic Compute Cloud instances, AWS CloudTrail, Route 53 and other sources.

CloudWatch Logs enables you to centralize the logs from all of the systems, applications and AWS services that you use in a single, highly scalable service. You can then easily view them, search them for specific error codes or patterns, filter them based on specific fields or archive them securely for future analysis.

A log stream is a sequence of log events that share the same source. Each separate source of logs in CloudWatch Logs makes up a separate log stream. A log group is a group of log streams that share the same retention, monitoring and access control settings. You can define log groups and specify which streams to put into each group. There is no limit on the number of log streams that can belong to one log group.

In this post, you will see how to set up a log metric filter on a CloudTrail log group using a filter pattern. Here I have created an SNS topic with a subscription, a CloudWatch log group, a CloudWatch alarm, a CloudWatch log metric filter and a CloudTrail trail.

Architecture Overview

The architecture diagram shows the overall deployment architecture with data flow: AWS CloudTrail, Amazon CloudWatch, Amazon SNS and email.

Solution overview

The blog post consists of the following phases:

  1. Creation of Log Metric Filter and Alarm on CloudWatch Log Group
  2. Output as Changes in CloudTrail Configuration via Alarm Notification on Email

Phase 1: Creation of Log Metric Filter and Alarm on CloudWatch Log Group

  1. Open the CloudWatch console and create a log metric filter on the CloudTrail log group with the required filter pattern. Also create an alarm on the metric filter.
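
The same setup can be scripted instead of clicked through. The following is an added example, not code from the original post: it assumes boto3, a filter pattern that matches CloudTrail configuration-change calls (the post's exact pattern is not given in the text), and hypothetical filter, metric and alarm names.

```python
import json

# Assumption: CloudTrail API calls that change a trail's configuration.
WATCHED_EVENTS = ["CreateTrail", "UpdateTrail", "DeleteTrail", "StartLogging", "StopLogging"]
# CloudWatch Logs JSON filter pattern: match when eventName equals any watched call.
FILTER_PATTERN = "{ " + " || ".join(f"($.eventName = {n})" for n in WATCHED_EVENTS) + " }"
# Hypothetical names; replace with your own.
METRIC_NAME = "CloudTrailConfigChanges"
METRIC_NAMESPACE = "Example/CloudTrailMetrics"
# Constructed sample log events (not real CloudTrail output).
SAMPLES = ['{"eventName": "StopLogging"}', '{"eventName": "DescribeTrails"}', "not json"]

def metric_filter_args(log_group):
    """Arguments for logs.put_metric_filter: emit 1 per matching log event."""
    return {
        "logGroupName": log_group,
        "filterName": "cloudtrail-config-changes",
        "filterPattern": FILTER_PATTERN,
        "metricTransformations": [{"metricName": METRIC_NAME,
                                   "metricNamespace": METRIC_NAMESPACE,
                                   "metricValue": "1"}],
    }

def alarm_args(topic_arn):
    """Arguments for cloudwatch.put_metric_alarm: notify SNS on any match in 5 minutes."""
    return {
        "AlarmName": "cloudtrail-config-changes",
        "MetricName": METRIC_NAME,
        "Namespace": METRIC_NAMESPACE,
        "Statistic": "Sum",
        "Period": 300,
        "EvaluationPeriods": 1,
        "Threshold": 1,
        "ComparisonOperator": "GreaterThanOrEqualToThreshold",
        "TreatMissingData": "notBreaching",  # quiet periods must not raise the alarm
        "AlarmActions": [topic_arn],
    }

def would_match(raw_event):
    """Local approximation of the pattern, for checking sample events before deploying."""
    try:
        return json.loads(raw_event).get("eventName") in WATCHED_EVENTS
    except (ValueError, AttributeError):
        return False  # non-JSON lines never match a JSON filter pattern

def deploy(log_group, topic_arn):
    import boto3  # imported here so the helpers above work without AWS access
    boto3.client("logs").put_metric_filter(**metric_filter_args(log_group))
    boto3.client("cloudwatch").put_metric_alarm(**alarm_args(topic_arn))
```

Call `deploy()` with the CloudTrail log group name and the ARN of the SNS topic that has the email subscription; the metric only appears in CloudWatch after the first matching event.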

Phase 2: Output as Changes in CloudTrail Configuration via Alarm Notification on Email

Clean-up

Delete the CloudTrail, CloudWatch and SNS resources.

Pricing

I review the pricing and estimated cost of this example.

Cost of Simple Notification Service = $0.0

Cost of CloudWatch = $0.02

Cost of CloudTrail = $0.0

Total Cost = $0.02

Summary

In this post, I showed how to set up a log metric filter on a CloudTrail log group using a filter pattern.

For more details on Amazon CloudWatch, check out Get started with Amazon CloudWatch and open the Amazon CloudWatch console. To learn more, read the Amazon CloudWatch documentation.

Thanks for reading!
