Lambda Pack
2 minute read
Edge Delta Pipeline Pack for AWS Lambda
Overview
The Lambda Pack ensures ingestion and appropriate processing of AWS Lambda data. This pipeline receives logs from the Edge Delta Lambda Extension. The extension sends logs to the endpoint where each log received is parsed and extracted.
Pack Description
Note: The YAML snippets in this section describe the Pack’s internal processing. You do not need to configure these nodes manually. The Pack applies them automatically when you add it to your Cloud pipeline.
1. body_attributes
The Parse JSON node parses the JSON attributes from the body of the message.
- name: body_attributes
type: parse_json_attributes
process_field: item.body
2. extract_message
The Extract JSON Field node extracts the message field from JSON log content and uses it as the log’s body field.
- name: extract_message
type: extract_json_field
field_path: message
keep_log_if_failed: true
Example Input
Consider the following example of a Lambda log.
Note: Sensitive information has been replaced with dummy data.
{
"_type": "log",
"attributes": {
"ed.env.id": "c3bed94c-17b9-41c4-9cc4-f7f21adc3bc4"
},
"body": "{\"cloud\":{\"resource_id\":\"arn:aws:lambda:us-east-2:00000000000:function:example-log\",\"account_id\":\"00000000000\",\"region\":\"us-east-2\"},\"faas\":{\"name\":\"example-log\",\"version\":\"$LATEST\",\"request_id\":\"e8ba78a6-1028-40ba-ad62-21a74249cd59\"},\"timestamp\":\"2024-01-00T00:00:00.000Z\",\"log_type\":\"function\",\"message\":\"example-log\"}",
"resource": {
"ed.conf.id": "d3175b27-a510-444c-9055-006e5fc452fc",
"ed.domain": "pipeline",
"ed.org.id": "4fcd9ade-2aad-4a53-9214-18b7dc68190c",
"ed.source.name": "http_input",
"ed.source.type": "http_input",
"ed.tag": "awslambda",
"host.ip": "1.1.1.1",
"host.name": "example-host",
"http.method": "POST",
"http.route": "/",
"http.scheme": "http",
"server.port": 80,
"service.name": "http-80",
"src_type": "http"
},
"timestamp": 1700000000000
}
Example Output
Consider the following log emitted from the Lambda pack.
Note: This example is not derived from the example above but the input log had the same structure.
It consists of a simple body:
{
"message": "example-log"
}
As well as a detailed Attributes field:
{
"cloud": {
"account_id": "00000000000",
"region": "us-east-2",
"resource_id": "arn:aws:lambda:us-east-2:00000000000:function:example-log"
},
"ed.env.id": "d5d3b7dc-1e86-4cf7-bbc1-b505bc307d97",
"faas": {
"name": "example-log",
"request_id": "2e3b45fa-6f43-4981-a472-68dfa3010301",
"version": "$LATEST"
},
"log_type": "function",
"message": "example-log",
"timestamp": "2024-01-01T00:00:00.000Z"
}
Sample Input
{"_type": "log","attributes": {"ed.env.id": "4f76f760-b479-4deb-a3f8-5221f79de98c"},"body": "{"cloud":{"resource_id":"arn:aws:lambda:us-east-2:000000000000:function:example","account_id":"000000000000","region":"us-east-2"},"faas":{"name":"example-log","version":"$LATEST","request_id":"a7a83425-69bc-422a-9977-695c9c375dcd"},"timestamp":"2024-01-01T00:00:00.000Z","log_type":"function","message":"example-log"}","resource": {"ed.conf.id": "206146b7-3ebf-47bb-9f39-c8dbb61657a8","ed.domain": "pipeline","ed.org.id": "314bbfe1-7ce3-45ac-91f9-99a60fdc61d6","ed.source.name": "http_input","ed.source.type": "http_input","ed.tag": "awslambda","host.ip": "1.1.1.1","host.name": "example-host","http.method": "POST","http.route": "/","http.scheme": "http","server.port": 80,"service.name": "http-80","src_type": "http"},"timestamp": 1730000000000}