I have a lambda function that makes a call to a ticketing API, and returns a list of tickets and their attributes (open/resolved, assignee, etc). I want to build a dashboard within CloudWatch to show this information but I'm not sure if I'm approaching the problem correctly.
For example if I wanted a visualization of "Open tickets which are assigned to Jason" which changes over time. I've tried using Log Insights, but the response message is an array of tickets, which I've not been able to successfully query. The logs are structured as:
{
"level": "INFO",
"location": "get_all_tickets:18",
"message": [
{
"ticketId": "001",
"status": "Open",
"assignee": "Jason",
"requester": "Paul",
"createdAt": "2022-10-20 11:08:35.105000+00:00",
"lastUpdatedAt": "2022-10-25 13:42:52.881000+00:00",
"title": "Example Ticket 1",
},
{
"ticketId": "002",
"status": "Resolved",
"assignee": "Jason",
"requester": "John",
"createdAt": "2022-10-20 11:09:35.105000+00:00",
"lastUpdatedAt": "2022-10-25 13:42:52.881000+00:00",
"title": "Example Ticket 2",
}
],
"timestamp": "2022-10-27 18:26:32,680+0000",
"service": "ticket_metrics"
}
Within Logs Insights the fields are serialized as message.0.status, message.1.status, etc, but I haven't found a way to query and aggregate these. Is there a way I can produce a metric, like the above example "Open Tickets assigned to Jason" from within Logs Insights?
I tried queries from the Logs Insights docs, but these didn't perform as expected or didn't apply to my use case.
