Cloud siem icon white

Automate your SOC with Cloud SIEM Get started

Get started
Back to blog results

May 13, 2020 By Scott Fitzpatrick

Best Practices for Logging in AWS Lambda

In the fast-moving and demanding world of software development, it is critical for organizations to utilize solutions that help streamline server setup in a scalable and affordable manner. Serverless computing solutions were developed in response to these requirements. With serverless, the administrative overhead associated with provisioning servers and managing infrastructure is eliminated and development teams are empowered to focus on building application functionality in the leanest and cleanest manner possible. AWS Lambda is a serverless computing solution from Amazon, developed for use with on-demand applications. In this article, I discuss AWS Lambda, it’s integration with AWS Cloudwatch, and best practices for application logging when leveraging this platform.

What is AWS Lambda?

AWS Lambda is a serverless computing platform from Amazon that works with on-demand applications. With AWS Lambda, the development team only needs to worry about the code they write, with Lambda taking care of everything else required for executing and scaling the application.

An added benefit: the development team only pays for the resources they use. Each application running on the platform is configured to execute in response to some event (hence the reference to on-demand applications), and during execution is the only time in which the client is charged for the use of AWS resources.

Lambda Functions and AWS Lambda

In the context of AWS Lambda, the term Lambda Function refers to an application that is being hosted on the AWS Lambda platform. Lambda Functions can be uploaded to AWS Lambda or they can be written directly in the Lambda code editor.

After a Lambda Function is created, further configuration is required to invoke the function when appropriate. This is done through the use of triggers.With Lambda, there exist an array of options for creating and configuring such triggers. A trigger may refer to a custom application writing events to an AWS Kinesis data stream. Based on an event-source configuration, AWS Lambda detects the event and invokes the proper Lambda Function. Alternatively, imagine an instance where, based on some user interaction, a web application needs to invoke a backend process implemented in Lambda. In this instance, an API call can be made using the Amazon API gateway to trigger the execution of the Lambda application.

The above examples represent just a few of the many options for invoking a Lambda Function running on AWS Lambda. Visit the AWS Lambda developer documentation for information on additional use cases and methods for invoking Lambda Functions.

Amazon CloudWatch and AWS Lambda

Amazon CloudWatch is a service from Amazon that can be leveraged for use in the collection and visualization of metrics within your AWS applications. As both products are from Amazon, CloudWatch features a seamless integration for use in monitoring Lambda Functions.

When set up to use CloudWatch, AWS Lambda will automatically monitor and report certain metrics for Lambda Functions through Amazon CloudWatch. Within the AWS Lambda console, you can then view the logged data, as well as useful metric-based visualizations located in the monitoring console. These visualizations can help the developers make various basic determinations such as the rate at which their Lambda Functions are being invoked, and the error rate associated with their Lambda Functions; and derive performance-related insights such as the average duration for a Lambda Function, the maximum duration of an invocation for a particular Lambda Function, etc. These determinations and insights can help developers identify issues within the Lambda Functions as well as evaluate their usage over time.

Best Practices for Logging within Lambda Functions

When debugging an issue in almost any application, a much greater deal of information needs to be known about what’s occurring than the basic metrics mentioned above. Whether developing a Lambda Function in Python, Node.js, Java or any other supported language, additional logging is supported with the resulting log statements being sent to Amazon CloudWatch.

The following are some best practices for application logging in AWS Lambda. These tips are meant to provide organizations with the practices necessary to optimize function performance and increase application reliability in the most efficient manner possible.

Include identifying information in log events

Including identifying information such as the request ID in each log event can help decrease the amount of time it takes to filter and identify the root cause of an issue within the Lambda Function.

Consider the following: If we can identify the request ID associated with a particular invocation of the Lambda Function and all log events associated with this invocation have the request ID recorded as part of the entry, then it will be a straightforward process to isolate all log events associated with a particular invocation. By doing so, we add context to our logs and can simplify the process for root-cause analysis, thereby reducing the time it takes to resolve the issue.

Be consistent in formatting your log events

Using consistent formatting – such as JSON – for your logs will ensure that they are easily readable by both humans and log aggregation software. This principle holds true for an application running in any environment, and serverless apps running on AWS Lambda are no exception.

By standardizing the format of your log events, you ensure that the process for filtering and querying these logs (in the inevitable instance that it is necessary to do so) will be as easy as possible. Additionally, the process for building visualizations is made simpler by utilizing a consistent format across all application logs.

Centralize your logs with a log management solution

For each Lambda Function, a log group is created in Amazon CloudWatch. Streaming these logs to an additional log management solution that features more advanced aggregation, filtering, and visualization capabilities can be extremely advantageous for any development organization. Logging is done in an effort to help streamline such processes as application performance analysis and incident resolution. So if the use of a management solution helps accelerate that process (and it will), then it is worth considering.

Sumo Logic represents an advanced log management solution with the capability to support consuming and managing log data from Amazon CloudWatch. With Sumo Logic, development teams will have greater capabilities in the realm of log management and visualization of log data to support collaboration and subsequent resolution of serverless application problems.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic Continuous Intelligence Platform™

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Scott Fitzpatrick

Scott Fitzpatrick

Scott Fitzpatrick is a Fixate IO Contributor and has nearly 8 years of experience in software development. He has worked with many languages and frameworks, including Java, ColdFusion, HTML/CSS, JavaScript and SQL.

More posts by Scott Fitzpatrick.

People who read this also enjoyed


AWS Observability: Designed specifically for AWS environments


Observability: The Intelligence Economy has arrived


How to Use the New Sumo Logic Terraform Provider for Hosted Collectors