Stack Overflow
Stack Overflow

Questions tagged [aws-cloudwatch-log-insights]

301 questions
0
votes
1 answer

AWS Log Insights Query - Filter Begins with specific IP address

Is it possible to query log insights data and filter based on IP addresses that start with specific values. The query below is returning too much data... In addition to returning data that begin with 98, it is also returning data with IP addresses…
Paul Wasserman
  • 137
  • 2
  • 13
0
votes
1 answer

How to query cloudwatch logs for successful lambda executions

How can we get the minimum and maximum lambda execution time by querying cloudwatch? Note we only want to query for the successful execution and skip the failed ones. This is my first attempt: fields @message | filter @type = "REPORT" | stats…
Sazzadur Rahman
  • 2,650
  • 1
  • 18
  • 34
0
votes
0 answers

Apply group by on AWS cloud watch insights

I have below logs in AWS cloud watch: ENTITY=POSITION CONSUMER_ID=XXXX ENTITY=POSITION CONSUMER_ID=XXXX ENTITY=POSITION CONSUMER_ID=YYYY ENTITY=POSITION CONSUMER_ID=YYYY I would like to group the output based on CONSUMER_ID: `CONSUMER_ID COUNT …
raksha c
  • 9
  • 2
0
votes
0 answers

how to parse @message in cloudwatch log insights in AWS

I got a query with @message result which looks like this: query: fields ContainerName, MemoryUtilized | filter Type like 'Container' | filter ContainerName not like '~internal~' and ContainerName not like 'log_router' | filter ContainerName like…
AchiazD
  • 1
0
votes
1 answer

How do I make a AWS Cloudwatch Insights line chart plot?

I want to parse a structured JSON value as milliseconds, that looks like: Instead with my AWS Log Insights query: fields msg, duration, @timestamp | filter msg == "fetching" | display @timestamp, duration When I click the Vizualization tab it…
hendry
  • 9,725
  • 18
  • 81
  • 139
0
votes
0 answers

How to filter cloudwatch logs on variable field names?

Cloudwatch turns our log arrays into numbered fieldnames. Accessed.file.0 565 ... Accessed.file.## 810 The number of fieldnames is not fixed. Is there way I can search all fields for matching value. So far my solution is just to generate a search…
OrigamiEye
  • 864
  • 1
  • 12
  • 31
0
votes
0 answers

Query log insight by multiple lines in same Log stream

I have a Cloudwatch log group where a sql query is logged, the query can run multiple times in the same execution, so one logStream can contain multiple logs of the same query with different values Example in the query below, (x, y z) could have any…
Carlos Salazar
  • 1,818
  • 5
  • 25
  • 48
0
votes
1 answer

How to parse logs insight log with same field name

I want to run a query like this: fields @timestamp, @message | filter @message like /Failed Token|APN failed/ | parse @message "Failed Token: * Error: *" as token, error | parse @message "device: * reason: *" as token, error | display token,…
RanH
  • 740
  • 1
  • 11
  • 31
0
votes
0 answers

How can I group Header fields together to show counts for Browser Versions?

I am parsing @headers to create a dashboard in Cloudwatch. I'd like to be able to show the counts of each browser version being used from the information contained in the logs. The browser information is in the User-Agent header and I'd like to be…
Daniel Devlin
  • 95
  • 1
  • 11
0
votes
1 answer

Grouping and summing cloudwatch log insights query

I have about 10k logs from log insights in the below format (cannot post actual logs due to privacy rules). I am using boto3 to query the logs. Log insights query: filter @message like /ERROR/ Output Logs format: timestamp:ERROR
Devang Sanghani
  • 731
  • 5
  • 14
0
votes
1 answer

AWS Logs Insight - percent of failed DNS queries?

I am currently learning about AWS Logs Insights, and I was wondering if the following is possible. Let's say I gather logs from Route53. So I have an event for each query that reaches the AWS DNS servers of course. Now, I know I can count the number…
YoavKlein
  • 2,005
  • 9
  • 38
0
votes
0 answers

API Gateway request in Cloudwatch Logs insights

I have REST API in API Gateway. Cloudwatch logging is enabled for each stage and logging level is "Full request and Response logs". Because I use metrics also "Enable Detailed CloudWatch Metrics" is enabled in stages Logs/tracing tab. When I look at…
JukkaT
  • 27
  • 5
0
votes
0 answers

Is there a way to stop CloudWatchLogsInsight from searching after a first match?

I am searching through a week worth of flow logs to check if an IP is in existents or not, however whenever there's a match, the query will still continue consuming resources and time. How do I query and return only the latest event matching an IP…
Coles Loh
  • 1
  • 1
0
votes
0 answers

Limit access to CloudWatch Logs Insights query results

I created an IAM Identity Center permission set and group. The permission set attached to the group only allows the users inside the group to view CloudWatch logs generated by a specific account (our Crypto account), the statement looks like…
Tegue Morrison
  • 21
  • 4
0
votes
1 answer

CloudWatch Logs Insights display a filed from the Json in the log message

This is my log entry from AWS API Gateway: (8d036972-0445) Method request body before transformations: {"TransactionAmount":225.00,"OrderID":"1545623982","PayInfo":{"Method":"ec","TransactionAmount":225.00},"CFeeProcess":0} I want to write a…
ICICI81
  • 101
  • 1
  • 9
1 2 3
19 20