Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improvement: Cloudwatch Alarms to Rule Processor #115

Closed
jacknagz opened this issue Apr 20, 2017 · 1 comment
Closed

Improvement: Cloudwatch Alarms to Rule Processor #115

jacknagz opened this issue Apr 20, 2017 · 1 comment
Labels
datasources improvement log schemas rules

Comments

@jacknagz
Copy link
Contributor

Background

The tf_stream_alert_monitoring Terraform module creates a set of Cloudwatch Metric Alarms for monitoring multiple pieces of the StreamAlert cluster(s). Ideally, this should emit alerts into the rule_processor which then would allow users to forward these to whichever output they want.

Desired Outcome

The ability to specify an SNS topic as an input source, and to write rules on operational alarms.

Depends On

#64 - SNS must be a supported source before this is possible, as Cloudwatch alarm actions only can be an Amazon EC2 action, an Auto Scaling action, or a notification sent to an Amazon SNS topic.
@jacknagz
Copy link
Contributor Author

jacknagz commented Jun 7, 2017

Closing this out - it should be managed by an outside Lambda function unrelated to StreamAlert. You shouldn't use the tool to monitor itself.

@jacknagz jacknagz closed this as completed Jun 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
datasources improvement log schemas rules
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jacknagz