Cloud siem icon white

Automate your SOC with Cloud SIEM Get started

Get started
Back to blog results

May 8, 2020 By Twain Taylor

AWS Lambda Monitoring - what to keep an eye on with serverless

AWS Lambda is the leading serverless computing solution and is one of AWS’ most successful products, to date. Its popularity is in large part because of the way it makes development easier and faster. Lambda completely abstracts away the maintenance of underlying infrastructure including compute, storage, memory, and networking. Developers simply upload their code in the form of Lambda functions and the service fully handles the execution of these functions. Lambda has been put to good use as a way to integrate two enterprise applications, to run data processing jobs, automating tasks between cloud applications, and even to power an IoT backend.

Why Monitor AWS Lambda?

There are at least three reasons why you’d want to monitor Lambda closely. First, to ensure performance is as expected. While there are fewer infrastructure issues with Lambda, the new paradigm of code-as-functions can introduce issues of code compatibility.

Second, Lambda follows a pay-per-use model where you pay for the amount of AWS resources like compute, memory and storage used. Though the prices are extremely low for an individual request, the number of requests needed to run an application can easily spike as the app scales. Further, whether you run more short-term or long-term workloads matters a lot. Monitoring is the best way to keep costs under control.

Third, monitoring is necessary for enforcing security. When there is a vulnerability or anomaly, monitoring is the first step to spot the issue and resolve it before it escalates.

AWS Lambda Metrics to Monitor

There are three main types of metrics to monitor: invocations, performance, and concurrency. We’ll look at each below.

Invocation Metrics

These are the most important metrics as they show vital information about the execution of functions in Lambda. Lambda reports on the number of invocations executed successfully, the number of errors, and more. Below are the key invocation metrics.

  • Invocations: Number of functions executed
  • Errors: Number of failed executions
  • DeadLetterErrors: Number of invocations that were sent to an SNS or SQS queue as they could not be executed by Lambda asynchronously
  • DestinationDeliveryFailures: The number of times a failed invocation was sent to a destination like an SNS or SQS queue, but did not reach the intended destination
  • Throttles: Number of times the concurrency limit was reached and the execution of functions was throttled
  • ProvisionedConcurrencyInvocations: The number of invocations executed on provisioned concurrency – this is pre-configured concurrency to reduce latency as the workload scales.
  • ProvisionedConcurrencySpilloverInvocations: The number of times provisioned concurrency was fully utilized and standard concurrency was used instead. This is an indicator that you may need to increase the volume of provisioned concurrency.

Performance Metrics

These are primarily time-based metrics that help to assess the performance of functions in Lambda.

  • Duration: The amount of time taken to execute an event. This is a key metric as Lambda’s costs are calculated based on the duration of requests.
  • IteratorAge: When processing streaming data from Kinesis, for example, the IteratorAge is the time between when an event reaches the stream and when it is sent to Lambda.

Using Concurrency Metrics

Concurrency is a key metric with Lambda as it is used to throttle functions when they exceed Lambda’s concurrency limit. Keeping an eye on these metrics can ensure your app functions smoothly without performance lags as it scales.

  • ConcurrentExecutions: The number of functions being executed at any given time
  • ProvisionedConcurrentExecutions: The current count of functions being executed on provisioned concurrency
  • ProvisionedConcurrencyUtilization: The amount of provisioned concurrency in use
  • UnreservedConcurrentExecutions: The number of functions being processed by unreserved concurrency

The Default Lambda Monitoring Dashboard

Lambda includes a default dashboard with the most vital metrics to monitor your functions. This is what it looks like:

Source: AWS

We’ve already discussed these metrics above. As you can see, some of these metrics have more than one dimension. For example, duration is shown as minimum, average, and maximum.

Lambda Logs

Apart from metrics, logging is essential to gain deep observability into lambda functions. Lambda allows you to insert logging statements in functions that are automatically sent to CloudWatch. From here, you can use CloudWatch to dig into these logs, or send them to a dedicated logging service like SumoLogic for more robust log analysis.

A dedicated log analysis platform comes with better log visualization and search capabilities. These services allow you to quickly build custom dashboards and collaborate with team members around log data.

If you’re running applications or workloads on AWS Lambda, monitoring is essential to get the most out of your investment. Though Lambda abstracts away the infrastructure, there is a lot of monitoring at the application level that needs to be done by you. By monitoring Lambda using a log analysis tool, you can improve the performance of applications and optimize resources like costs. You’ve taken the leap to invest in the future of cloud computing – serverless. However, your monitoring shouldn’t be left in the past.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic Continuous Intelligence Platform™

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Twain Taylor

Twain Taylor

Twain Taylor is a member of the Sumo Logic Community. Twain began his career at Google, where, among other things, he was involved in technical support for the AdWords team. His work involved reviewing stack traces, and resolving issues affecting both customers and the Support team, and handling escalations. Later, he built branded social media applications, and automation scripts to help startups better manage their marketing operations. Today, as a technology journalist he helps IT magazines, and startups change the way teams build and ship applications.

More posts by Twain Taylor.

People who read this also enjoyed

Blog

AWS Observability: Designed specifically for AWS environments

Blog

Observability: The Intelligence Economy has arrived

Blog

How to Use the New Sumo Logic Terraform Provider for Hosted Collectors