Pricing Login
Interactive demos

Click through interactive platform demos now.

Live demo, real expert

Schedule a platform demo with a Sumo Logic expert.

Start free trial
Back to blog results

January 9, 2017 By Brian Bozzello

Triggering AWS Lambda Functions from Sumo Logic Alerts

Ever since Amazon introduced AWS Lambda in 2014, serverless computing has been increasing in popularity as more of the “cool kids” continue to discover its benefits. We have already seen more of our own AWS customers adopting Lambda, which lets teams execute code without provisioning or managing server infrastructure. This code can execute in response to triggers such as changes in data or shifts in system state, and you only pay for the compute time used.

Now, you can trigger these Lambda functions directly from a Sumo Logic alert using the new AWS Lambda Webhook connection for Scheduled Searches and Metrics Monitors. This deeper integration takes your alerts to the next level by allowing you to take action when specific events in your Sumo Logic logs and metrics occur. Here’s a look at some of the benefits you’ll find from this feature.

New Lambda Use Cases

You can now leverage your machine data, regardless of source, in Sumo Logic to trigger these Lambda functions. Sumo Logic’s powerful query language allows you to create meaningful alerts that trigger only when specific conditions are met. This Webhook extension allows you to set smart thresholds and take corrective action directly in your application and infrastructure. For example:

  • Security: Check for SSL vulnerabilities such as Heartbleed or Poodle and automatically resolve them through Lambda.
  • Application: When a user encounters an error in your application, restart the underlying service with Lambda in an attempt to remediate the issue.
  • Infrastructure: When server latency or timeouts spike, trigger a Lambda function to autoscale your instances.

Secure Authentication Using AWS IAM

Lambda functions can be triggered through Amazon’s API Gateway, which acts as a secure mechanism to grant access to data, business logic, or other functionality in AWS. Sumo Logic’s Lambda Webhook connection uses AWS Identity and Access Management (IAM) to securely access your functions in the API Gateway. This also allows you to control which users and roles can invoke your Lambda functions from Sumo Logic and put in safeguards to limit how often the function may be called.

Performance and Cost Visibility in Sumo Logic

Since AWS Lambda logs are exposed through AWS CloudWatch, you’ll also have full visibility into your Lambda performance and costs by using the Sumo Logic App for AWS Lambda. Visualize operational and performance trends to gain insight into indicators such as function requests, duration, and costs. With the ability to drill down into specific functions, you can even see how much memory your functions are using, predict future usage, and re-allocate memory to adjust your performance and overall costs.

Easy Configuration and Management

If you’re already familiar with setting up Webhook connections in Sumo Logic, you’ll have your Lambda function configured in no time. Navigate to the Connections page, click Add, and select AWS Lambda as the connection type.


Enter a name and description for this new connection, then specify the endpoint that triggers your Lambda function in the Amazon API Gateway. You’ll then input your IAM credentials (Access Key and Secret Key) and the region and service name associated with your API. Finally, you can pass additional information to your Lambda function by editing the JSON payload, which may include Sumo Logic data, such as the results returned from your search.

Learn More

Eager to get started? Check out A Brief Tutorial to Understanding, Starting, and Using AWS Lambda from our DevOps blog for a quick primer on Lambda, then head over to Sumo Logic DocHub for more information on connecting your Lambda Function to an alert. Let us know what innovative solutions you come up with by posting on Sumo Dojo or pinging us on Twitter at @sumologic.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial

Brian Bozzello

More posts by Brian Bozzello.

People who read this also enjoyed