使用 EventBridge 擷取 APM 警示的承載需求
事件偵測與回應從何處擷取 APM 警示?
AWS 事件偵測與回應會在您將最終轉換承載傳送至其中的事件匯流排上安裝受管規則。最佳實務是建立此目的專用的自訂事件匯流排。
承載必須採用哪種格式?
AWS 事件偵測與回應擷取的事件匯流排事件需要下列最小 JSON 金鑰:值對:
{ "detail-type": "ams.monitoring/generic-apm", "source": "GenericAPMEvent" "detail": { "incident-detection-response-identifier": "Your alarm name from your APM", } }
下列範例顯示合作夥伴事件匯流排中轉換前和轉換後的事件。
轉換前:
{ "version": "0", "id": "a6150a80-601d-be41-1a1f-2c5527a99199", "detail-type": "Datadog Alert Notification", "source": "aws.partner/datadog.com/Datadog-aaa111bbbc", "account": "123456789012", "time": "2023-10-25T14:42:25Z", "region": "us-east-1", "resources": [], "detail": { "alert_type": "error", "event_type": "query_alert_monitor", "meta": { "monitor": { "id": 222222, "org_id": 3333333333, "type": "query alert", "name": "UnHealthyHostCount", "message": "@awseventbridge-Datadog-aaa111bbbc", "query": "max(last_5m):avg:aws.applicationelb.un_healthy_host_count{aws_account:123456789012} <= 1", "created_at": 1686884769000, "modified": 1698244915000, "options": { "thresholds": { "critical": 1.0 } }, }, "result": { "result_id": 7281010972796602670, "result_ts": 1698244878, "evaluation_ts": 1698244868, "scheduled_ts": 1698244938, "metadata": { "monitor_id": 222222, "metric": "aws.applicationelb.un_healthy_host_count" } }, "transition": { "trans_name": "Triggered", "trans_type": "alert" }, "states": { "source_state": "OK", "dest_state": "Alert" }, "duration": 0 }, "priority": "normal", "source_type_name": "Monitor Alert", "tags": [ "aws_account:123456789012", "monitor" ] } }
請注意,在轉換事件之前,detail-type 和 source 會指出發出警示的 APM 詳細資訊。這些內容必須在擷取之前修改。incident-detection-response-identifier 金鑰尚未存在,也必須在擷取之前新增。
Lambda 函式會轉換上述事件,並將其放入目標自訂或預設事件匯流排。轉換後的承載必須包含必要的鍵:值對。
轉換後:
{ "version": "0", "id": "7f5e0fc1-e917-2b5d-a299-50f4735f1283", "detail-type": "ams.monitoring/generic-apm", "source": "GenericAPMEvent", "account": "123456789012", "time": "2023-10-25T14:42:25Z", "region": "us-east-1", "resources": [], "detail": { "incident-detection-response-identifier": "UnHealthyHostCount", "alert_type": "error", "event_type": "query_alert_monitor", "meta": { "monitor": { "id": 222222, "org_id": 3333333333, "type": "query alert", "name": "UnHealthyHostCount", "message": "@awseventbridge-Datadog-aaa111bbbc", "query": "max(last_5m):avg:aws.applicationelb.un_healthy_host_count{aws_account:123456789012} <= 1", "created_at": 1686884769000, "modified": 1698244915000, "options": { "thresholds": { "critical": 1.0 } }, }, "result": { "result_id": 7281010972796602670, "result_ts": 1698244878, "evaluation_ts": 1698244868, "scheduled_ts": 1698244938, "metadata": { "monitor_id": 222222, "metric": "aws.applicationelb.un_healthy_host_count" } }, "transition": { "trans_name": "Triggered", "trans_type": "alert" }, "states": { "source_state": "OK", "dest_state": "Alert" }, "duration": 0 }, "priority": "normal", "source_type_name": "Monitor Alert", "tags": [ "aws_account:123456789012", "monitor" ] } }
請注意,detail-type 現在是 ams.monitoring/generic-apm,來源現在是 GenericAPMEvent,而詳細資訊下有新的鍵:值對:incident-detection-response-identifier。
incident-detection-response-identifier 值取自警示名稱,以您的 APM 傳送的承載為基礎。APM 彼此之間的 APM 警示名稱路徑不同。您必須設定 Lambda 函式,從 Lambda 收到的 APM JSON 承載中的正確路徑取得警示名稱,並用其作為 incident-detection-response-identifier 值。
傳送至 AWS 事件偵測與回應的每個警示類型的 incident-detection-response-identifier 值都必須是唯一的。在 incident-detection-response-identifier 上設定的每個唯一名稱都必須在上線期間提供給 AWS 事件偵測與回應團隊。若事件的 incident-detection-response-identifier 鍵具有不明的值或缺少值,則不會處理該事件。
