Send monitoring events from CloudWatch to BigPanda.

Supported VersionsTypeAuthentication Type
SaaS DeploymentsCloudFormation, WebhookOrg Bearer Token

The core of this integration works by creating an SNS topic and subscribing to a BigPanda alerts endpoint. BigPanda then processes and correlates the data from CloudWatch to create and maintain up-to-date incidents in BigPanda. When an alarm closes in CloudWatch, the alert is closed in BigPanda. BigPanda can set the SNS topic for all configured alarms if desired upon initial configuration.

If the automatic sync is enabled, BigPanda periodically updates all alarms with the SNS topic to ensure that BigPanda receives data for any alarms created after the system was first integrated.


Open Integration Manager

The Open Integration Manager is available for use with Cloudwatch. For more information, see the Open Integration Manager documentation.

Key Features

  • Uses the Amazon Simple Notification Service (SNS) to send CloudWatch Alarm data to BigPanda.
  • Correlates alarms from CloudWatch to help you understand and respond faster to issues with your AWS resources and applications.
  • Provides the option to automatically sync CloudWatch Alarms created after the initial configuration with BigPanda.

Data Model

BigPanda normalizes Alarm data from CloudWatch into tags. You can use tag values to filter the incident feed and to define filter conditions for Environments.

Default Tags

BigPanda TagCloudWatch PropertyAttributes
objectAlarmNamePrimary Property
checkTrigger.MetricNameSecondary Property (Default).
alarm_descriptionAlarmDescriptionSecondary Property if check is not present
trigger_{{property}}Trigger and Trigger.DimensionsTrigger is an object of key, value pairs.

Trigger.Dimensions is an array of objects with name and value as the only two properties in each object.

Each key will have a prefix of trigger_

Manage the Integration

The integration leverages a CloudFormation template to create a CloudFormation Stack that deploys the necessary resources directly in your AWS instance

Terraform Support

A Terraform module is available for the CloudWatch integration. Refer to the module in the Terraform Registry for more information.

Before using the Terraform module, check for the following requirements:

  • Ensure the Terraform state file is saved at an appropriate location.
  • Terraform uses the current AWS region, which, unless specified, is the default region stored in AWS config file of the user running Terraform.
  • Ensure that the user running the terraform apply command has permissions to create an IAM role, policies, and other resources such as lambda function, SNS topic, SNS subscription, cloudwatch rule, and cloudformation stack.
  • The Terraform module requires five input variables:
    • api_endpoint
    • app_key
    • bearer_token
    • subscribe_all
    • daily_event_rule

The api_endpoint, app_key and bearer_token need to be retrieved from the Cloudwatch integration created in BigPanda. subscribe_all and daily_event_rule accept boolean values and need to be set to true to create appropriate Terraform resources.

Install the Integration

Administrators can install the integration by following the on-screen instructions in BigPanda.

Before You Integrate

  • Obtain a BigPanda Bearer Token
  • Obtain a CloudWatch Integration app key
  • The CloudFormation Stack requires an AWS User with permissions to create various resources across AWS for the Stack deployment to be successful.


AWS Permissions

These resources may include:

  • Lambda with IAM Role and Policy
  • CloudWatch Event Rule
  • AWS Custom Resource (invokes the Lambda that is created during Stack deployment)

Using the CloudFormation Designer, you can see what the BigPanda CloudFormation template will create.

Deactivate the Integration in BigPanda

If you want to stop sending data to BigPanda but don’t want to delete your integration, you can temporarily deactivate it.

To deactivate an integration:

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list. This will open integration details on the right side of the window.
  2. At the top of the integration details, click the Active/Inactive toggle next to the application name to change the status of the integration.


Alert Resolution for Inactive Integrations

Any active alerts belonging to an inactive integration must be manually resolved or they will stay in the system until the auto-resolve window is reached.

Uninstall the Integration

Deleting an integration requires changes to both the integrated system and BigPanda. You must uninstall the integration on the integrated system and then delete the integration from BigPanda.


When replacing an existing integration with a new tool or system, we recommend configuring the new integration first to ensure no data is lost.

Stop Sending Data to BigPanda

Since the resources for the integration are being managed by CloudFormation, we can uninstall the integration by deleting the CloudFormation Stack.

  1. Go to CloudFormation in your AWS Account.
  2. Locate and Select the BigPanda CloudWatch Stack that was deployed.
  3. Click on the Delete button in the upper right of the AWS Console.
    note: You may be prompted to keep some resources like the IAM Role or Policy, this can be skipped so that All Resources are deleted.
  4. Select Delete Stack.
  5. Confirm all resources were deleted.


CloudWatch Alarms

When the CloudFormation Stack is deleted and if the Lambda resource to add the BigPanda Topic to all Alarms is enabled, the function is invoked one last time to remove the BigPanda Topic from all CloudWatch Alarms

Delete the Integration in BigPanda

  1. In BigPanda, navigate to the Integrations tab and select the desired integration from the list.
  2. In the integration details on the right of the page, click the trash icon, then confirm you want to delete the integration. The integration will then be removed immediately.


Alert Resolution for Deleted Integrations

All active alerts from the integration will be resolved after deletion.

️Data Removal

This procedure does not remove any data from the integrated system.