We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Currently, the TotalRecords metric is based around the number of records in the event which invoked Lambda:
TotalRecords
streamalert/stream_alert/rule_processor/handler.py
Line 119 in 560c0f7
This is slightly misleading when records are nested, such as with VPC flow logs, or perhaps with S3 files that are pulled and parsed.
Observe your Lambda function execution for nested records, and this pattern will show as metrics are logged to CloudWatch.
Base the TotalRecords metric on the number of records parsed into the StreamPayload object:
StreamPayload
Line 381 in 560c0f7
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
Background
Description
Currently, the
TotalRecords
metric is based around the number of records in the event which invoked Lambda:streamalert/stream_alert/rule_processor/handler.py
Line 119 in 560c0f7
This is slightly misleading when records are nested, such as with VPC flow logs, or perhaps with S3 files that are pulled and parsed.
Steps to Reproduce
Observe your Lambda function execution for nested records, and this pattern will show as metrics are logged to CloudWatch.
Desired Change
Base the
TotalRecords
metric on the number of records parsed into theStreamPayload
object:streamalert/stream_alert/rule_processor/handler.py
Line 381 in 560c0f7
The text was updated successfully, but these errors were encountered: