Questions tagged [aws-cloudwatch-log-insights]
301 questions
0
votes
1 answer
AWS cloudwatch insight query composition for the following log
Trying to compose an insight query which would extract the following fields.
apiname, endpoint, responseCode, status
from the log:
"{\n \"apiName\": \"test_Authentication\",\n \"endpoint\": \"https://test.cloud.com\",\n \"responseCode\": 200,\n…
Deepak
- 377
- 4
- 14
0
votes
1 answer
Alert on Lambda failure with detailed info
I have a cloudWatch alert setup on all lambdas sending data to a an SNS topic
Using the metric as
sum(errors) across all functions
I get the notification as expected, but there is no information in there to identify which amongst my lambdas…
Ajay
- 177
- 9
0
votes
0 answers
Grafana CloudWatch Logs Math Expression
Is there a way to perform a math expression on 2 CloudWatch Logs Insight queries in Grafana?
When I try to do so, I get an error:
The error is:
level=error msg="Query data error" error="expression request error: failed to query data: query must…
Gaetan L'Hoest
- 60
- 9
0
votes
1 answer
AWS Cloudwatch Log Insights: Aggregate results are impossible (count - count_distinct is negative)
I'm running a CloudWatch log insights query on a single log stream that corresponds to a single Python AWS Lambda function. This function logs a unique line corresponding to the key in s3 that it is processing. It logs this line once at the…
magnanimousllamacopter
- 150
- 1
- 7
0
votes
0 answers
AWS Log Insights parse not working properly
My message looks like :
@message 2022-06-06 12:16:31 9d6052b7-98ed-47db-b260-3ca2f718b10a INFO NodeHandler:27 - POST /node
In the log insights query, I'm using :
fields @message
| parse message 'INFO * - *' as class, text
When I run this,…
Kancha
- 409
- 1
- 3
- 11
0
votes
1 answer
AWS CloudWatch Logs Insights: show stats also for null values
I have the following query:
fields @timestamp, status, requestId
| filter message like 'RoutesHandler invoked.'
| parse request /(?\/(v\d\.\d\.?\d?)\/)/
| stats count(version) as apiVersion by version
| sort @timestamp desc
| limit…
agoldev
- 2,078
- 3
- 23
- 38
0
votes
0 answers
Filebeat Config help for type: aws-cloudwatch
This is my filebeat config for aws-cloudwatch.
type: aws-cloudwatch
log_group_arn: arn:aws:logs:us-x-xxxx1:x:loxxxxxg-group:/aws/aes/domains/xxxxx-dev/:
scan_frequency: 1m
start_position: end
role_arn:…
0
votes
1 answer
CloudWatch Logs Group By and getting last time value
I need to map which endpoints are taking the longest from a log.
I have a query that catches all the most discouraged endpoints, but they may have duplicate endpoints, but with different request times.
My query:
fields request.url as URL,…
Raank
- 125
- 6
0
votes
1 answer
How do I write a query for a json in logs insights?
I have a simple message in the form of json like below in one of the log group. The query that I use is {$.level = "INFO"} This doesn't bring up any result. What could be the problem? Can somebody help please.
{
"level": "INFO",
"location":…
The Enthusiast
- 93
- 1
- 11
0
votes
2 answers
How can I find the missed utterances rate per day from Lex using CloudWatch?
We want to find the missed utterance rate per day from Lex logs.
For example:
Day 1 - 10 total utterances, 1 missed utterance
Day 2 - 20 total utterances, 4 missed utterance
...
We want to be able to plot (missed utterances/total utterances x 100)…
Sharvari Nagesh
- 293
- 3
- 17
0
votes
1 answer
CloudWatch Insights Query - How to count distinct messages ending with phrase
I'd like to get the total distinct count of each message in log groups.
The format of the message is: Total of [n] rows have been loaded to [table_name]
example message:
@message
Total of 1234 rows have been loaded to table1
Total of 14 rows have…
JamesBowery
- 71
- 10
0
votes
1 answer
Best practices to configure thresholds for alarms
I have been having some difficulty understanding how to go about the ideal threshold for few of our cloudwatch alarms. I am looking at metrics for error rates, fault rate and failure rate. I am vaguely looking at having an evaluation period of…
sak18
- 101
- 13
0
votes
1 answer
Selecting first row for each group in cloudwatch
I do a query in which I get multiple messages for each day.
I want to get the first message for the day(or any single message for each day).
Getting the day is no problem:
display datefloor(@timestamp,1d) as TT ,msg
But from here, I am not sure how…
user2679290
- 144
- 9
0
votes
1 answer
How to extract data from array in a JSON message using CloudWatch Logs Insights?
I log messages that are JSON objects. The JSON has an array that contains key/value pairs:
{
...
"arr": [{"key": "foo", "value": "bar"}, ...],
...
}
Now I want to filter results that contains a specific key and extract the values for a…
Christian
- 7,433
- 4
- 36
- 61
0
votes
1 answer
Cloudwatch log insights sum() set default 0 value when no logs are present
I'm trying to run the following Cloudwatch log insights query for two different log stream sources. However, when one or both streams have no entries, the sum() function returns a void result instead of 0. Because of that, I can't use that result in…
mlaukamp
- 11
- 4