# 使用 EventBridge 摄取 APM 警报的有效载荷要求 **事件检测及响应服务从哪里摄取 APM 警报?** AWS 事件检测及响应服务会将托管式规则安装在事件总线上,而您会将转换后的最终有效载荷发送到该事件总线上。最好是为此目的创建自定义事件总线。 **有效载荷必须采用什么格式?** AWS 事件检测及响应服务摄取的事件总线事件中需要以下最小的 JSON 键值对: ``` { "detail-type": "ams.monitoring/generic-apm", "source": "GenericAPMEvent" "detail": { "incident-detection-response-identifier": "Your alarm name from your APM", } } ``` 以下示例显示了来自合作伙伴事件总线的事件在转换前后的情况。 **转换前:** ``` { "version": "0", "id": "a6150a80-601d-be41-1a1f-2c5527a99199", "detail-type": "Datadog Alert Notification", "source": "aws.partner/datadog.com/Datadog-aaa111bbbc", "account": "123456789012", "time": "2023-10-25T14:42:25Z", "region": "us-east-1", "resources": [], "detail": { "alert_type": "error", "event_type": "query_alert_monitor", "meta": { "monitor": { "id": 222222, "org_id": 3333333333, "type": "query alert", "name": "UnHealthyHostCount", "message": "@awseventbridge-Datadog-aaa111bbbc", "query": "max(last_5m):avg:aws.applicationelb.un_healthy_host_count{aws_account:123456789012} <= 1", "created_at": 1686884769000, "modified": 1698244915000, "options": { "thresholds": { "critical": 1.0 } }, }, "result": { "result_id": 7281010972796602670, "result_ts": 1698244878, "evaluation_ts": 1698244868, "scheduled_ts": 1698244938, "metadata": { "monitor_id": 222222, "metric": "aws.applicationelb.un_healthy_host_count" } }, "transition": { "trans_name": "Triggered", "trans_type": "alert" }, "states": { "source_state": "OK", "dest_state": "Alert" }, "duration": 0 }, "priority": "normal", "source_type_name": "Monitor Alert", "tags": [ "aws_account:123456789012", "monitor" ] } } ``` 请注意,在转换事件之前,`detail-type` 和 `source` 指明警报源自的 APM 详细信息。必须在摄取之前对其进行修改。`incident-detection-response-identifier` 键尚不存在,也必须在摄取前添加。 Lambda 函数转换上述事件并将其放入目标自定义或默认事件总线中。转换后的有效载荷必须包含所需的键值对。 **转换后:** ``` { "version": "0", "id": "7f5e0fc1-e917-2b5d-a299-50f4735f1283", "detail-type": "ams.monitoring/generic-apm", "source": "GenericAPMEvent", "account": "123456789012", "time": "2023-10-25T14:42:25Z", "region": "us-east-1", "resources": [], "detail": { "incident-detection-response-identifier": "UnHealthyHostCount", "alert_type": "error", "event_type": "query_alert_monitor", "meta": { "monitor": { "id": 222222, "org_id": 3333333333, "type": "query alert", "name": "UnHealthyHostCount", "message": "@awseventbridge-Datadog-aaa111bbbc", "query": "max(last_5m):avg:aws.applicationelb.un_healthy_host_count{aws_account:123456789012} <= 1", "created_at": 1686884769000, "modified": 1698244915000, "options": { "thresholds": { "critical": 1.0 } }, }, "result": { "result_id": 7281010972796602670, "result_ts": 1698244878, "evaluation_ts": 1698244868, "scheduled_ts": 1698244938, "metadata": { "monitor_id": 222222, "metric": "aws.applicationelb.un_healthy_host_count" } }, "transition": { "trans_name": "Triggered", "trans_type": "alert" }, "states": { "source_state": "OK", "dest_state": "Alert" }, "duration": 0 }, "priority": "normal", "source_type_name": "Monitor Alert", "tags": [ "aws_account:123456789012", "monitor" ] } } ``` 请注意,`detail-type` 现在是 `ams.monitoring/generic-apm`,源现在是 `GenericAPMEvent`,在详细信息下有新的键值对:`incident-detection-response-identifier`。 `incident-detection-response-identifier` 值是根据您的 APM 发送的有效载荷从警报名称中提取的。APM 警报名称路径因 APM 而异。必须设置 Lambda 函数,以便从 Lambda 收到的 APM JSON 有效载荷中的正确路径获取警报名称,并将其用于 `incident-detection-response-identifier` 值。 对于发送到 AWS 事件检测及响应服务的每种警报类型,`incident-detection-response-identifier` 值必须是唯一的。`incident-detection-response-identifier` 上设置的每个唯一名称必须在加入期间提供给 AWS 事件检测及响应服务团队。不处理其 `incident-detection-response-identifier` 键的值未知或缺失的事件。