I want to save the requests executed by Athena in a LogsGroup of the CloudWatch service.
In CloudWatch, I created this rule:
{
"source": [
"aws.athena"
],
"detail-type": [
"Athena Query State Change"
],
"detail": {
"currentState": [
"QUEUED",
"RUNNING",
"SUCCEEDED",
"FAILED",
"CANCELLED"
]
}
}
And, I attached the rule to a CloudWatch LogsGroup like this:
LogsGroup
I managed to register logs in CloudWatch -> Log groups -> /aws/events/TestAthena but I don't have the information I want:
{
"version": "0",
"id": "a8bad43b-1b9a-da7e-c004-f3c920e1bddd",
"detail-type": "Athena Query State Change",
"source": "aws.athena",
"account": "<account_id>",
"time": "2021-08-23T15:54:13Z",
"region": "eu-west-3",
"resources": [],
"detail": {
"currentState": "RUNNING",
"previousState": "QUEUED",
"queryExecutionId": "b0fe7373-676d-43d5-b866-19d701c9dc56",
"sequenceNumber": "2",
"statementType": "DML",
"versionId": "0",
"workgroupName": "dev-Connect-CardBulk"
}
}
I wish to have :
The request executed
The time the request was executed
The user who executed the request
It is possible to have this with CloudWatch ?
Thank you in advance for your help,
Out of the box, you can have QueryPlanningTime, QueryQueuetime etc. metrics.
Nonetheless, you need Cloudtrail to track who executed.
Refer to these links:
List of CloudWatch Metrics and Dimensions for Athena
Monitoring Amazon Athena Queries using Amazon CloudWatch
Related
I'm invoking a scheduled Step Function with a CloudWatch event. The input of the first batch job in the step function state machine is like the following:
{
"version": "0",
"id": "sdjlafgdf05-7c32-435hf-aa3b5a8sfade815",
"detail-type": "Scheduled Event",
"source": "aws.events",
"account": "xxxxxxxx",
"time": "2022-01-14T19:46:49Z",
"region": "us-east-1",
"resources": [
"arn:aws:events:us-east-1:xxxxxxxxxxxx:rule/adfnwelkqnlngqrej-SAFFJKHF734"
],
"detail": {}
}
I want the "time" field can give me the integer. Specifically, instead of "2022-01-14T19:46:49Z", I want "1642189609" (epoch in seconds), so I don't need to parse it in my batch job code. I'm using CDK to build the infrastructure. Is there any way of doing this?
At the moment this is not possible directly with native Step Functions "Intrinsic Functions". So you have two options:
Do it via a lambda as explained in this other answer
Pass it first to EventBridge and then create a rule for EventBridge to foward it to CloudWatch
I want to set alarm, when any EMR cluster is terminated(caused by internal errors), I know there is a "IsIdle" option, but my EMR clusters are designed to be persistent, so "IsIdle" is not really fit my case. Is there a health-check metric that I can used?
You can configure Amazon CloudWatch to send a "State Change" event to another service like an AWS Lambda function or an Amazon SNS topic.
To achieve this, open the CloudWatch console, in the navigation pane click on Rules > Create rule.
Service Name: EMR
Event Type: State Change
Specific detail type(s): EMR Cluster State Change
Specific State: TERMINATED and TERMINATED_WITH_ERRORS
Targets: Put the receiving service of your choice.
Here's an example of such an event:
{
"version": "0",
"id": "8535abb0-f87e-4640-b7b6-8de000dfc30a",
"detail-type": "EMR Cluster State Change",
"source": "aws.emr",
"account": "123456789012",
"time": "2016-12-16T21:00:23Z",
"region": "us-east-1",
"resources": [],
"detail": {
"severity": "INFO",
"stateChangeReason": "{\"code\":\"USER_REQUEST\",\"message\":\"Terminated by user request\"}",
"name": "Development Cluster",
"clusterId": "j-1YONHTCP3YZKC",
"state": "TERMINATED",
"message": "Amazon EMR Cluster j-1YONHTCP3YZKC (Development Cluster) has terminated at 2016-12-16 21:00 UTC with a reason of USER_REQUEST."
}
}
I am triggering my codebuild using codebuild triggers feature with an cron expression cron(*/2 * * * ? *) which triggers for every 2 minutes . Unfortunately, this didn't run after 2 minutes when i checked the cloudwatch show metrics i can see that there were some failedinvocations. To know the cause the of the error i enabled the cloudtrail logs and i can see the error like this
{
"eventVersion": "1.04",
"userIdentity": {
"type": "IAMUser",
"principalId": "xx",
"arn": "arn:aws:iam::xx:user/xx",
"accountId": "xx",
"accessKeyId": "xx",
"userName": "xx",
"sessionContext": {
"attributes": {
"mfaAuthenticated": "true",
"creationDate": "2019-03-04T06:21:22Z"
}
},
"invokedBy": "signin.amazonaws.com"
},
"eventTime": "2019-03-04T09:04:56Z",
"eventSource": "monitoring.amazonaws.com",
"eventName": "DescribeAlarms",
"awsRegion": "ap-south-1",
"sourceIPAddress": "xxx",
"userAgent": "signin.amazonaws.com",
"errorCode": "ValidationException",
"errorMessage": "1 validation error detected: Value 'INVALID_FOR_SUMMARY' at 'stateValue' failed to satisfy constraint: Member must satisfy enum value set: [INSUFFICIENT_DATA, ALARM, OK]",
"requestParameters": {
"stateValue": "INVALID_FOR_SUMMARY"
},
"responseElements": null,
"requestID": "94f3a789-3e5c-11e9-92f8-xxx",
"eventID": "c9ecfca2-a650-4997-b707-xxx",
"eventType": "AwsApiCall",
"recipientAccountId": "xxx"
}
What is this exactly mean 1 validation error detected: Value 'INVALID_FOR_SUMMARY' at 'stateValue' failed to satisfy constraint: Member must satisfy enum value set: [INSUFFICIENT_DATA, ALARM, OK] ?
Does this error is the reason for not triggering my code build ?
Any help is appreciated
Thanks
Do it from amazon command line, it looks like a known issue in AWS. I managed to update mine via the regular CI job of the orchestration.
I am trying to create a auto-remediation process that will stop/delete any VPC, Cloudformation Stack, VPC, Lambda, Internet Gateway or EC2 created outside of the eu-central-1 region. My first step is to parameter a CloudWatch event rule to detect any of the previously mentioned event.
{
"source": [
"aws.cloudtrail"
],
"detail-type": [
"AWS API Call via CloudTrail"
],
"detail": {
"eventSource": [
"ec2.amazonaws.com",
"cloudformation.amazonaws.com",
"lambda.amazonaws.com"
],
"eventName": [
"CreateStack",
"CreateVpc",
"CreateFunction20150331",
"CreateInternetGateway",
"RunInstances"
],
"awsRegion": [
"us-east-1",
"us-east-2",
"us-west-1",
"us-west-2",
"ap-northeast-1",
"ap-northeast-2",
"ap-south-1",
"ap-southeast-1",
"ap-southeast-2",
"ca-central-1",
"ap-south-1",
"eu-west-1",
"eu-west-2",
"eu-west-3"
"sa-east-1"
]
}
}
For now, the event should only trigger an SNS topic that will send me an email, but in the future there will be a lambda fonction to do the remediation.
Unfortunately, when I go create an Internet Gateway in another region (let's say eu-west-1), no notification occur. The Event does not appear if I want to set an alarm on it either, while it does appear in CloudWatch Events).
Any idea what could be wrong with my event config?
OK, I figured it out. The source of the event changes even if the notification comes from CloudTrail. The "source" parameters should therefore be:
"source": [
"aws.cloudtrail",
"aws.ec2",
"aws.cloudformation",
"aws.lambda"
]
In order to receive Azure IotHub Device Twin change notifications, it appears that it's necessary to create a custom endpoint and create a route to send notifications to that endpoint. This seems straightforward enough on the Azure Portal, but as one might expect we want to automate it.
I haven't been able to find any documentation for the the az cli or even the REST API, though I might have missed something. I didn't find anything promising looking in the SDKs either.
How do I automate adding a custom endpoint and then setting up the route for device twin notifications?
You can check IotHubs template to see if it helps.
Route:
"routing": {
"endpoints": {
"serviceBusQueues": [
{
"connectionString": "string",
"name": "string",
"subscriptionId": "string",
"resourceGroup": "string"
}
]
},
"routes": [
{
"name": "string",
"source": "string",
"condition": "string",
"endpointNames": [
"string"
],
"isEnabled": boolean
}
],
Consumer group:
{
"apiVersion": "2016-02-03",
"type": "Microsoft.Devices/IotHubs/eventhubEndpoints/ConsumerGroups",
"name": "[concat(parameters('hubName'), '/events/cg1')]",
"dependsOn": [
"[concat('Microsoft.Devices/Iothubs/', parameters('hubName'))]"
]
},
For more detailed information you can reference:
Microsoft.Devices/IotHubs template reference
Create an IoT hub using Azure Resource Manager template (PowerShell)