From 370cb41657f1507524f24019beef428fef6b8cc5 Mon Sep 17 00:00:00 2001
From: Jeremy Frasier <jeremy.frasier@trio.dhs.gov>
Date: Thu, 7 Apr 2022 10:35:28 -0400
Subject: [PATCH] Update the CW log metric filter patterns to match the changes
 in cisagov/cyhy-core#67

By logging a message for any uncaught exceptions, we are able to
trigger AWS CloudWatch metric alarms via the code in
terraform/nvdsync_failure_alarms.tf and
terraform/kevsync_failure_alarms.tf whenever the cyhy-nvdsync or
cyhy-kevsync scripts fails.
---
 terraform/kevsync_failure_alarms.tf | 2 +-
 terraform/nvdsync_failure_alarms.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/kevsync_failure_alarms.tf b/terraform/kevsync_failure_alarms.tf
index dc4aa05f..d8f2eb6b 100644
--- a/terraform/kevsync_failure_alarms.tf
+++ b/terraform/kevsync_failure_alarms.tf
@@ -4,7 +4,7 @@ resource "aws_cloudwatch_log_metric_filter" "kevsync_failure" {
   for_each = local.db_instances
 
   name    = "KEV Sync Failure Count - ${each.value.hostname}"
-  pattern = "kevsync error"
+  pattern = "cyhy-kevsync ERROR"
   # The instances' CloudWatch Agent's configurations define what the
   # log group name looks like.
   log_group_name = "/instance-logs/${each.value.hostname}/syslog"
diff --git a/terraform/nvdsync_failure_alarms.tf b/terraform/nvdsync_failure_alarms.tf
index 536a05ee..c38017ac 100644
--- a/terraform/nvdsync_failure_alarms.tf
+++ b/terraform/nvdsync_failure_alarms.tf
@@ -4,7 +4,7 @@ resource "aws_cloudwatch_log_metric_filter" "nvdsync_failure" {
   for_each = local.db_instances
 
   name    = "NVD Sync Failure Count - ${each.value.hostname}"
-  pattern = "nvdsync error"
+  pattern = "cyhy-nvdsync ERROR"
   # The instances' CloudWatch Agent's configurations define what the
   # log group name looks like.
   log_group_name = "/instance-logs/${each.value.hostname}/syslog"