Basic Metric Filter
resource "aws_cloudwatch_log_metric_filter" "unique-name-of-your-filter-resource" {
name = "name-of-your-filter-pattern"
pattern = "\"the actual pattern you are looking for\""
log_group_name = "logroup/app.name.orwhatevs/"
metric_transformation {
namespace = "${var.metric_namespace}"
name = "Easy-To-Spot-Name-Of-Your-Metric"
value = "1"
default_value = "0"
}
}
Parsed Metric Filter
resource "aws_cloudwatch_log_metric_filter" "unique-name-of-another-filter-resource" {
name = "your-new-filter-pattern-name"
pattern = "[..., user=*root*, spacer=*-*, colx=*Some* && coly=*Web*, count]"
log_group_name = "logroup/app.name.orwhatevs/"
metric_transformation {
namespace = "${var.metric_namespace}"
name = "Easy-To-Spot-Name-Of-Your-Metric"
value = "$count"
default_value = "0"
}
}
Basic Metric Alarm
resource "aws_cloudwatch_metric_alarm" "unique-name-of-your-alarm-resource" {
alarm_name = "Easy-To-Spot-Name-Of-Your-Metric"
alarm_description = "10 errors in 10 minutes Error connecting to SQL Server"
comparison_operator = "GreaterThanOrEqualToThreshold"
metric_name = "Easy-To-Spot-Name-Of-Your-Metric"
namespace = "${var.metric_namespace}"
period = "900"
statistic = "Sum"
threshold = "10"
evaluation_periods = "1"
datapoints_to_alarm = "1"
treat_missing_data = "notBreaching"
alarm_actions = [
"${data.aws_sns_topic.yada.arn}","${data.aws_sns_topic.blah.arn}"]
}