What is event source?
An event indicates a change in an environment such as an AWS environment, application performance monitoring, or one of your applications or services. The following are examples of events:
- Amazon EC2 generates an event when the state of an instance changes from pending to running.
- Azure VM Auto Scale generates events when it launches or terminates instances.
- Data Dog generates events when it detects memory overrun.
You can also set up scheduled events that are generated on a periodic basis.
Event source format
Events are represented as JSON objects and they all have a similar structure, and the same top-level fields.
The contents of the detail top-level field are different depending on which service generated the event and what the event is. The combination of the source and detail-type fields serves to identify the fields and values found in the detail field. For examples of events generated by AWS services when it detects the instance change event.
What is Event pattern?
Sometimes, users have demand to display the specific field both available / unavailable in the ingested events. Cloud Alert offers you the way to deal with this by setting up the Matching field. Accordingly, an user can import the csv file to match between the actual value (eg. Account ID) and expected showing value (eg. Account Name).
For a field to match, it must be listed in second column of csv file. The sample csv file, you can found it here.
Set up
Purpose: support user to view detail information of Event source by Creating event pattern from Path field. User can create 1 or multi Path in a vendor to take information which user wants to take from Event source.
Additionally, user can category pattern (CRUD) (calling is Field) according to user's wishes
To Create pattern in a Category pattern (calling is Field), user follows steps as below:
Step 1: Go to Event source page, choose Settings
Click on Add pattern > Input data valid
Note:
- Path: apply with format e.g: detail.state or detail.instance-id,... (dot-separated fields)
- Order is the priority to mapping field when 1 vendor has created a lots event patterns
- Matching field: allow user import file matching with template (mapping 1:1 - Key:Value)
- Download template: user clicks on icon to take template file (only support .csv format)
Step 2: User creates event pattern. A pattern has created successfully.
After create pattern successfully, user checks information matching field displayed in Event source list screen.
With pattern for displaying matching field, in event source list will display Value data corresponding with Key data in import file as below image.
