Stack Overflow
Stack Overflow

Questions tagged [aws-cloudwatch-log-insights]

301 questions
2
votes
1 answer

CloudWatch insights log parsing

I have been trying to parse the resource arn ex.(arn:aws:ec2:us-east-1:0123456789:volume/vol-gg4gggs0svevb3000) to extract the vol-* on CloudWatch logs insights and unable to get the regex pattern right with desired result. I have tried using below…
Joshua K
  • 23
  • 1
  • 5
2
votes
0 answers

Flatten the JSON array items in cloudwatch

I have the following message logged to cloudwatch and I am trying to flatten it in the CloudWatch insights { "LogReferenceId": "36a86fd4-1ecd-4e1e-8cf5-d6179240ffc8", "ApplicationName": "User", "UriResourceName": "/UserController/Add", …
Vivek
  • 21
  • 2
2
votes
1 answer

AWS CloudWatch Logs Insight query to find out service availability using ALB logs

I have Access Logs enabled on my ALB which are published to AWS CloudWatch. We have a ServiceHealth check endpoint which returns 200 if the service is behaving normally. If any of the components of the are not behaving as expected, it will return…
kk.
  • 3,747
  • 12
  • 36
  • 67
2
votes
2 answers

CloudWatchLogs filterLogEvents empty events

I am trying to get CloudWatchLogs filterLogEvents by sending parameters. some times it work and sends me the exact logs in that time, but for the different lambda function it returns empty events with next token. parameters = { 'logGroupName' :…
Uzair Faruki
  • 21
  • 2
2
votes
0 answers

Can Amazon Cloudwatch Logs Insights access json fields?

I am trying to write json logs to CloudWatch, and I planned to access json fields in the log, like: fields @timestamp, log.url, log.body ,log.error | sort @timestamp desc | filter log.error is string | limit 500 And the logs are json strings…
golopot
  • 10,726
  • 6
  • 37
  • 51
2
votes
1 answer

How do you convert the field type in CloudWatch?

The @timestamp field for example, while a long, is always displayed as a date. Can I convert/display it as a long/int?
kane
  • 5,465
  • 6
  • 44
  • 72
2
votes
0 answers

What is recommended best practice for separating environments and micro-service contexts within AWS CloudWatch log groups?

I'd like to ask how to best organize AWS CloudWatch log groups for different environments such as dev staging prod for a microservice architecture such that there exists say 50 microservices, each containing its own context (ex. payment, catalog,…
Judy007
  • 5,484
  • 4
  • 46
  • 68
2
votes
1 answer

AWS Metrics Filter pattern Extraction

I have awsService.log logs being sent to CloudWatch and I want to create a metric filter to extract the error value. Example: 06/13/2020 07:35:33 : 578 : 3 : error occurs 05/13/2020 07:35:33 : 3 : 3 : error occurs The error value I would like to…
varad_automation
  • 93
  • 2
  • 9
2
votes
1 answer

Is it possible to display n messages prior to a message that matches regex using aws cloud watch logs insights

Is it possible to display n messages prior to a message that matches regex using aws cloud watch logs insights. I have to put a filter across multiple log events. Example log message sequence:
Riya Francis
  • 96
  • 9
2
votes
3 answers

AWS with .NET - reading logs from CloudWatch - no log data returned

I am attempting to read Log data using .NET from CloudWatch for Messages sent using SNS. From the CloudWatch console (CloudWatch \ CloudWatch Logs \ Logs Insights) I enter: Date range: custom (2w) LogGroup: sns/ap...../8...../LogName Query: fields…
Flicco
  • 81
  • 5
2
votes
0 answers

Cloudwatch insights parse regex syntax not matching on string that should match

Short Version This query isn't matching on type, sub_type, or missing_fields. I can get this query to work just fine without using the insights regex syntax but I'm wondering how I'm messing up the parse regex syntax Long Version I have a log line…
AlexLordThorsen
  • 8,057
  • 5
  • 48
  • 103
2
votes
2 answers

How long are Cloudwatch Insights Query results retained?

When you use the AWS API to run a query against Cloudwatch logs, you get back a queryId. { "queryId": "string" } You can then call GetQueryResults using that query ID and retrieve results from the query. { "results": [ [ { …
bjmc
  • 2,970
  • 2
  • 32
  • 46
1
vote
0 answers

CloudWatch Insights - Unable to display the "intent" value in display results

I am trying to query the Results of the resolvedValues into my CloudWatch Insights, but I am not able to. Here is the queryies that I tried :- fields @message | filter sessionState.intent.name="Confirmation1" | display…
Asish
  • 760
  • 1
  • 10
  • 16
1
vote
0 answers

AWS Cloudwatch Log Insights - replace string function in queries on Auth0 Event Types

I'm streaming the Auth0 logs to the CloudWatch log group and now I would like to query the logs for occurrences of each of the Log Event Type Codes. The type is in the field: detail.data.type as in this example: Field …
Lez
  • 99
  • 7
1
vote
1 answer

AWS Cloudwatch how to use parse regex for request uri?

I have an AWS Cloudwatch log in the following format timestamp request_uri 2023-04-19 00:00:00 /v1/categorya/producta?model=112 2023-04-19 00:00:00 /v1/categorya/producta?model=11432 2023-04-19…
muazfaiz
  • 4,611
  • 14
  • 50
  • 88
1 2 3
19 20