How to send alert based on log message on CloudWatch

Question

I have a lambda that sends to STDERR when a given operation fails, something like:

async function handler(event, context) {
  const success = do()
  if (success) {
    return { statusCode: 200 }
  }
  console.error('Failed :(')
  return { statusCode: 400 }
}

This is very simplified, but you get the idea. Naturally, this message will appear on CloudWatch. I would like to know if it's possible (and how to) setup a CloudWatch Alarm to send me an email if this message shows up in my logs.

I've read the docs about CloudWatch alarms, but It's very cluttered and hard to find anything there.

Answer 1

It's basically a three (kind of four) step process.

1. You need to create a Metric Filter from your logs. This will allow you to create a metric whenever there is an "error" in your log (or whatever other condition you want). The name of the metric would typically be something like "Errors" for this case, but there is a namespace that is fully yours. In that spot you put something like "/my-organization/my-service" or whatever makes sense to you.
2. Create a Metric Alarm. This alarm is where you will specify what conditions trigger the alarm. For example, if there is 1 error in any 2 minutes. This alarm will be pointed at the new metric you created in the previous step.
3. Send the alarm to an SNS topic.
4. Subscribe to the SNS topic with your email.