How can I trigger a lambda when a log group is created in cloudwatch? What I am thinking the easiest way to do is to create a cloudwatch rule to send cloudtrail event to lambda. Is it reasonable to do? If yes, how can I filter out other events but only trigger lambda when a log group is created?
Asked
Active
Viewed 658 times
1 Answers
4
The only event type supported by CloudWatch Events (CWE) for CW Logs (CWL) is:
AWS API Call via CloudTrail
Therefore, you can catch the events of interests when you enabled CloudTrail (CT) trail. Once enable, API events would be available in CWE. Then, you would have to create CWE rule which captures CreateLogGroup API call. The rule would trigger your lambda function.
An example CWE rule could be:
{
"source": [
"aws.logs"
],
"detail-type": [
"AWS API Call via CloudTrail"
],
"detail": {
"eventSource": [
"logs.amazonaws.com"
],
"eventName": [
"CreateLogGroup"
]
}
}
-
2I did a test and when a Lambda function is run, it calls `CreateLogGroup`. This API call is displayed within CloudTrail, so you can trigger a Lambda function from that event via CloudWatch Event rules. – John Rotenstein Sep 22 '20 at 02:23
-
@marcin - how to enable CloudTrail to do this, within Cloudformation? – Justin Jan 07 '23 at 16:03
-
@Justin Please make SO question specific to your issue with your current template and any errors you are getting. – Marcin Jan 07 '23 at 22:38
-
@marcin my apologies please see https://stackoverflow.com/questions/75041842/getting-cloudwatch-to-send-createloggroup-messages-to-eventbridge if you have a moment – Justin Jan 08 '23 at 10:09