I have an AWS lambda that runs every 3 weeks and I want to trigger a CloudWatch Alarm every time there is a line with "ERROR" in the logs. Based on the fact that the maximum Alarm Evaluation Period is 1 day for a CloudWatch Metric Alarm, what is the best way to monitor these errors and trigger an alarm?
I was thinking of:
but I'm not sure, log data are too rare. What do you suggest?
I was thinking of:
- creating a Log Filter (Metric)
- crating a CloudWath Metric Alarm with period = 1 day
Yes, that's exactly what you need to do. It will work just fine.
but I'm not sure, log data are too rare.
This is not a problem. Every day the metric alarm will evaluate the logs, and then send you a message if there is an error in the logs. If the Lambda function didn't run that day, then there will be no logs for the Metric to evaluate, so it will do nothing (which is not a problem). I would even suggest changing it to evaluate the logs more often, like once an hour.
The maximum alarm evaluation period of 1 day just means you can't configure an alarm like this:
But you aren't trying to do that at all. You aren't trying to aggregate the number of alarms over a period of multiple days, you are simply wanting to know if there is an error message at all.
There is no such thing as a "logs too rare" problem here.