在Amazon CloudWatch中为Amazon S3 PutoBject创建度量滤波器

发布于 2025-02-13 00:21:33 字数 915 浏览 1 评论 0原文

我创建了一个公制过滤器，该公制过滤器过滤S3对象将请求和基础放在该过滤器上，我将创建一个警报，如果在过去24小时内没有对象上传S3存储桶中的对象，它将发送警报。我还有一个不同的解决方案，该解决方案使用S3事件通知和DynamoDB发送警报，但是我希望通过CloudWatch Metric Filter来完成此警报。问题在于我无法为特定存储桶创建度量过滤器。因此，它扫描所有水桶。这是我的过滤器：

{ ($.eventSource = s3.amazonaws.com) && (($.eventName = CopyObject) || ($.eventName = CompleteMultipartUpload) || ($.eventName = PutObject) || ($.eventName = PostObject)) }

这是一个特定桶的捕获日志的方式：

"eventTime": "2022-07-05T06:50:46Z",
    "eventSource": "s3.amazonaws.com",
    "eventName": "PutObject",
    "awsRegion": "eu-west-1",
    "sourceIPAddress": "cloudtrail.amazonaws.com",
    "userAgent": "cloudtrail.amazonaws.com",
    "requestParameters": {
        "bucketName": "my-test-s3-bucket",
        "x-amz-acl": "bucket-owner-full-control",
        "x-amz-server-side-encryption-context":

有什么方法可以在我的过滤器模式上只包含一个S3桶？我已经尝试了不同的方法，但没有起作用。

原文

I have created a metric filter that filters the S3 object put requests and bases on that filter I will create an alarm that if there is no object uploaded in S3 bucket in last 24 hours, it will send an alert.
I also have a different solution that uses the s3 Event notification and dynamodb to send alerts, but I want this to be done through cloudwatch metric filter.
The problem is that I am unable to create a metric filter for a particular bucket. So it scans all the buckets. Here is my filter:

{ ($.eventSource = s3.amazonaws.com) && (($.eventName = CopyObject) || ($.eventName = CompleteMultipartUpload) || ($.eventName = PutObject) || ($.eventName = PostObject)) }

And here is how the logs are captured for one particular bucket:

"eventTime": "2022-07-05T06:50:46Z",
    "eventSource": "s3.amazonaws.com",
    "eventName": "PutObject",
    "awsRegion": "eu-west-1",
    "sourceIPAddress": "cloudtrail.amazonaws.com",
    "userAgent": "cloudtrail.amazonaws.com",
    "requestParameters": {
        "bucketName": "my-test-s3-bucket",
        "x-amz-acl": "bucket-owner-full-control",
        "x-amz-server-side-encryption-context":

Is there any way I can include only one S3 bucket on my filter pattern? I have tried different ways but it didn't work.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

年华零落成诗 2025-02-20 00:21:33

幸运的是，经过几次尝试，我找到了解决方案：

{ ($.eventSource = s3.amazonaws.com) && ($.requestParameters.bucketName = "my-test-s3-bucket") && (($.eventName = CopyObject) || ($.eventName = CompleteMultipartUpload) || ($.eventName = PutObject) || ($.eventName = PostObject)) }

Luckily after few tries I found the solution:

{ ($.eventSource = s3.amazonaws.com) && ($.requestParameters.bucketName = "my-test-s3-bucket") && (($.eventName = CopyObject) || ($.eventName = CompleteMultipartUpload) || ($.eventName = PutObject) || ($.eventName = PostObject)) }

回复收藏 0 原文

~没有更多了~