Creating an AWS Lambda CloudWatch Log custom integration for Slack

There are Slack integrations for everything, but sometimes you need something more specific, so this time, I will show you a way to create your own AWS Lambda CloudWatch customizable integration to be notified when your application logs something in CloudWatch.

A custom integration, what is it?

Incoming webhooks are a simple way to share information from external sources with your workspace

The API to create an integration is complete; of course, it depends on what you want to create, but it covers enough to solve all needs. On the other hand, it is a way to have total control over your information and the format used to display it in your Slack workspace.

What is a Lambda function?

Basically, it is a code snippet that only runs on demand, and it costs less than other Slack integrations that you have to pay for even when they are not used. With this Lambda function you can reduce your costs a bit by eliminating unnecessary integrations: if you only need to send error alerts, the function should run very little because, of course, we do not want our applications in production to be full of errors.

Let’s go to AWS Lambda CloudWatch Log

1. First, access the AWS Management Console.

2. Create a new IAM role; it will be used to access CloudWatch Logs events.

3. Now you need to create 2 log groups in CloudWatch: /aws/lambda/Log2Slack and production-api, or whatever name you want to test. Note: The Retention setting is used to assign a log lifetime.

4. In order to create the lambda function, you need to go to Lambda and click on the Create button, then assign a name, select the runtime language (Node.js for this example), and assign the role previously created.  

5. Add a trigger to listen to the CloudWatch events.  

6. Before adding the Lambda code, you need to create a custom integration using this URL https://{your-slack-workspace}.slack.com/apps/manage/custom-integrations and then click on Incoming Webhooks.

7. Now click on Add to Slack

  • Select a channel to post the alerts
  • Click on Add Incoming Webhook integration
  • Copy the value of Webhook URL. Note: _In Integration Settings you can assign a name and a logo to provide a nicer look._

8. It has been a long road so far, but now you are very close to completing the integration. Click on the name of your function to open the code editor, then double-click on the index.js file and replace the current content with the code below.

const zlib = require("zlib");
const https = require("https");
const SLACK_ENDPOINT =
  "/services/T1N6FE97Y/B01NK2BR2CR/TrCYV2mkCIRaaxopcXYF3jyc"; // don't use this endpoint; I removed it after publishing this post
const SLACK_BOT = "Cloudwatch";

function doRequest(content) {
  // format the message according to the Slack API
  const payload = {
    username: SLACK_BOT,
    blocks: [
      {
        type: "header",
        text: {
          type: "plain_text",
          text: "Whoops, looks like something went wrong 😞🤕",
          emoji: true,
        },
      },
      {
        type: "section",
        fields: [
          {
            type: "mrkdwn",
            text: "<!here> the API is running into an issue",
          },
        ],
      },
      {
        type: "section",
        fields: [
          {
            type: "mrkdwn",
            text: "*Environment:* Production",
          },
        ],
      },
      {
        type: "section",
        fields: [
          {
            type: "mrkdwn",
            text: "*Message:* _" + content.message + "_",
          },
        ],
      },
      {
        type: "section",
        fields: [
          {
            type: "mrkdwn",
            text: "*Stacktrace:*",
          },
        ],
      },
      {
        type: "section",
        text: {
          type: "mrkdwn",
          text:
            "```" +
            JSON.stringify(content.original ? content.original : content) +
            "```",
        },
      },
      {
        type: "divider",
      },
    ],
  };

  const payloadStr = JSON.stringify(payload);
  const options = {
    hostname: "hooks.slack.com",
    port: 443,
    path: SLACK_ENDPOINT,
    method: "POST",
    headers: {
      "Content-Type": "application/json",
      "Content-Length": Buffer.byteLength(payloadStr),
    },
  };

  const postReq = https.request(options, function (res) {
    const chunks = [];
    res.setEncoding("utf8");
    res.on("data", function (chunk) {
      return chunks.push(chunk);
    });
    res.on("end", function () {
      if (res.statusCode < 400) {
        console.log("sent!!!");
      } else if (res.statusCode < 500) {
        console.error(
          "Error posting message to Slack API: " +
            res.statusCode +
            " - " +
            res.statusMessage
        );
      } else {
        console.error(
          "Server error when processing message: " +
            res.statusCode +
            " - " +
            res.statusMessage
        );
      }
    });
    return res;
  });
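  // log network failures instead of letting them crash the function
  postReq.on("error", function (err) {
    console.error("Request to Slack failed: " + err.message);
  });
  postReq.write(payloadStr);
  postReq.end();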
}

function main(event, context) {
  context.callbackWaitsForEmptyEventLoop = true;
  // CloudWatch Logs delivers the payload base64-encoded and gzip-compressed
  const payload = Buffer.from(event.awslogs.data, "base64");
  const log = JSON.parse(zlib.gunzipSync(payload).toString("utf8"));
  // the log is an object that contains an array of events called `logEvents`; only the first one (index 0) is sent
  doRequest(log.logEvents[0]);
  const response = {
    statusCode: 200,
    body: JSON.stringify("Event sent to Slack!"),
  };
  return response;
}

exports.handler = main;

9. Click on the Deploy button to complete the function.

10. Testing, testing and testing. There are two ways to test the function:
  • Clicking on the Test button and selecting the Amazon CloudWatch Logs template.
  • Creating a Log Stream directly in the Log Group, then entering the log stream and triggering a log event manually.

This is the final result after a Cloudwatch log is sent to Slack 🎉 
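
The function in step 8 keeps the webhook path in the source file and pastes log text straight into Slack mrkdwn, so anything an application logs (including `<!here>`) is rendered by Slack. The following is an added example, not part of the original post's code, showing one way to harden those points and to forward every event in a batch; the environment variable name SLACK_WEBHOOK_PATH, the helper names and the sample event are assumptions made for illustration.

```javascript
const zlib = require("zlib");
const FENCE = "`".repeat(3); // code-block delimiter used in Slack mrkdwn

// Assumption: the webhook path comes from a Lambda environment variable
// (hypothetical name SLACK_WEBHOOK_PATH) instead of a constant in index.js.
function webhookPath(env = process.env) {
  const path = env.SLACK_WEBHOOK_PATH || "";
  if (!/^\/services\/[A-Za-z0-9]+\/[A-Za-z0-9]+\/[A-Za-z0-9]+$/.test(path)) {
    throw new Error("SLACK_WEBHOOK_PATH is missing or malformed");
  }
  return path;
}

// Slack treats &, < and > as control characters in mrkdwn. Escaping them keeps
// logged text such as "<!here>" literal; backticks are replaced so the text
// cannot close the surrounding code block early.
function escapeForSlack(text, limit = 2900) {
  const safe = String(text)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/`/g, "'");
  if (safe.length <= limit) return safe;
  // Section text is capped at 3000 chars: cut, then drop a half-cut entity.
  return safe.slice(0, limit).replace(/&[a-z]*$/, "") + " [truncated]";
}

// Decode the CloudWatch Logs payload (base64 + gzip) and build one section per
// log event, capped at maxEvents, rather than forwarding only logEvents[0].
function buildPayload(event, maxEvents = 20) {
  const raw = Buffer.from(event.awslogs.data, "base64");
  const log = JSON.parse(zlib.gunzipSync(raw).toString("utf8"));
  const blocks = (log.logEvents || []).slice(0, maxEvents).map((e) => ({
    type: "section",
    text: { type: "mrkdwn", text: FENCE + escapeForSlack(e.message) + FENCE },
  }));
  return { username: "Cloudwatch", blocks };
}

// Constructed sample event in the shape CloudWatch Logs delivers to Lambda.
function sampleEvent() {
  const logEvents = [
    { id: "1", timestamp: 0, message: "login failed for <!here> & `admin`" },
    { id: "2", timestamp: 1, message: "x".repeat(5000) },
  ];
  const log = { logGroup: "production-api", logEvents };
  const data = zlib.gzipSync(JSON.stringify(log)).toString("base64");
  return { awslogs: { data } };
}
```

In the handler, `webhookPath()` would replace `SLACK_ENDPOINT` as the request path and `buildPayload(event)` would replace the inline payload object.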

Slack resources:

AWS Lambda CloudWatch: Final thoughts

Creating your own AWS Lambda CloudWatch integration to log the relevant information about your applications is very easy, and if you want, you can customize how each log level is shown, providing an easy way to fix issues without wasting time checking the logs directly in CloudWatch.

At ClickIT we can provide solutions to improve your workflow using the most modern and useful tools.

AWS Lambda CloudWatch FAQs

How can I set up AWS Lambda to send CloudWatch logs to Slack?

To set up AWS Lambda for CloudWatch log integration with Slack, you can create a Lambda function triggered by CloudWatch Logs. Within the Lambda function, use the AWS SDK to fetch logs and then format and send them to a Slack channel using the Slack API. Configuring the necessary permissions and creating the appropriate CloudWatch log groups are crucial steps in this process.

What benefits does AWS Lambda CloudWatch log integration with Slack offer?

Integrating AWS Lambda with Slack via CloudWatch logs provides real-time notifications and alerts directly to your Slack channels. This allows for quicker detection and resolution of issues, improved collaboration among team members, and the ability to stay informed about critical events within your AWS environment without constant manual monitoring.

Are there any security considerations when integrating AWS Lambda and Slack for log notifications?

Security is a top priority. Ensure that your Lambda function's IAM role follows the principle of least privilege. Additionally, when posting logs to Slack, use secure channels and employ encryption mechanisms to protect sensitive information. Regularly review and update permissions to maintain a secure integration.

Can I customize the AWS Lambda CloudWatch log notifications sent to Slack?

Yes, you can customize the notifications to suit your needs. Within your Lambda function, modify the formatting of log messages before sending them to Slack. This allows you to tailor the information presented in Slack channels, making it more readable and actionable for your team.
