This message was deleted.
# typescripts
sparse-intern-71089
09/05/2022, 4:10 PMThis message was deleted.
b
breezy-airplane-94478
09/09/2022, 3:56 AMCloudtrail and SNS monitoring account events? Yes I have. Anything specific you're looking to monitor and/or what questions you have?
b
breezy-laptop-42679
09/09/2022, 4:13 AMHello Brandon , im looking to send notification for all changes taking place in the company"s AWS account
b
breezy-airplane-94478
09/09/2022, 6:24 PMany change whatsoever? you’ll have to look into which eventbridge rule works for that (maybe something like
"*"breezy-airplane-94478
09/09/2022, 6:28 PMthis is how i’ve done that in the past, not sure if it exactly fits what you need to do, but maybe can give you a start
Copy code
const testEmail = '<mailto:test@gmail.com|test@gmail.com>';
const cloudWatchLogGroup = new aws.cloudwatch.LogGroup("cloudWatchLogGroup", {
retentionInDays: 0, // never expire
});
const testTopic = new aws.sns.Topic("testTopic", {
displayName: "test Alarm",
});
const testTopicSubscription = new aws.sns.TopicSubscription("testTopicSubscription", {
endpoint: testEmail,
protocol: "email",
topic: testTopic.id,
});
const testMetricFilter = new aws.cloudwatch.LogMetricFilter("testMetricFilter", {
pattern: `{($.eventName=ConsoleLogin) && ($.errorMessage="Failed authentication")}`,
logGroupName: cloudWatchLogGroup.name,
metricTransformation:
{
name: "AWS Test Change Metric",
namespace: "Test/TestMetrics",
value: "1",
},
});
const testAlarm = new aws.cloudwatch.MetricAlarm("testAlarm", {
name: "Test Metric Alarm",
comparisonOperator: "GreaterThanOrEqualToThreshold",
evaluationPeriods: 1,
metricName: testMetricFilter.metricTransformation.name,
namespace: testMetricFilter.metricTransformation.namespace,
period: 5 * 60,
statistic: "Average",
threshold: 1,
treatMissingData: "missing",
alarmActions: [testTopic.arn],
alarmDescription: "Monitoring Test Alarm",
});b
breezy-laptop-42679
09/12/2022, 4:52 AM👍
breezy-laptop-42679
09/12/2022, 4:52 AMThanks