Lambda monitoring is one of the new features that New Relic has released as part of the launch for New Relic One. If you are not familiar with New Relic One I highly recommend reading the blog post below from our CEO Lew Cirne:
As we are now two months in the launch, I wanted to put together this post to answer some of the common questions that have come up regarding Lambda Monitoring. This FAQ document was put together based on the common questions we have seen on Support tickets and a few more from our internal teams who use Lambda. If you have a question that I have not answered below, which to be fair is very likely, please ask in the comment section and I will do my best to find an answer
Q: Where can I find the instructions for enabling New Relic on my Lambda function?
- Screenshot of NR1 with the AWS Lambda setting
Q: Which version of Python do I need for the automatic script to function properly?
- Python 3.6+
Q: Can the Serverless deploy be restricted to regions?
Yes, it is possible to restrict the region where the ingestion Lambda is deployed. The script has an optional parameter, --regions where you can declare a list of regions to deploy
./newrelic-cloud ..... --regions eu-west-1
Q: Can I see my logs in New Relic UI?
- No that is not a feature we have but it is on the roadmap. You can see the Agents log in the Cloudwatch after you successfully do the log Ingestion
Q: What API key do I need for the 1st step?
- GraphQL API that is generated by the UI or you can see it under User and Roles.
Q: What does
HTTP 202 log entry mean?
- This log entry verifies the connection between New Relic and AWS is made successfully; you should now continue with the next two steps of enabling New Relic on your Lambda function.
Q: After running the startup script I am getting similar errors like the ones below, what is going on?
Failed actions: Function: None, Region: None, Error: Failed to set up lambda integration: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)>
Failed to set up lambda integration: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)>
- These errors are generated due to a Python3 cert issue. One suggestion for bypassing this error would be to install the certifi package of certificates:
Q: I see Distributed Tracing data but once I navigate to the Invocation tab, I see the message “No invocations found in this time window”, what is the reason behind this?
- New Relic captures all of the invocations but only about ~10% of the time there is a breakdown detail available. The invocation breakdown UI is tied to the sampling coming from Distributed Tracing and is based on span events. Hence, the message above indicates that no Invocation has been sampled in this timeframe. This sampling happens when the Invocation is sent to the invocation UI. Once the data is in the Invocation UI, no more sampling happens and you can see the breakdown.
Q: I am a User on the New Relic account, can I disable Lambda monitoring?
- Users with no add-on roles can’t enable Lambda. You need to be an
Admin, or the
Owner, or be a User with
Infrastructure manager role.