Menu
I have two Cloudwatch insights queries that I would love to be able to run side by side and compare the results of both two.
stats count(*) as requestIdCount by @requestId
| filter @message like /START RequestId/
| filter requestIdCount > 1
stats count(*) as requestIdCount by @requestId
| filter @message like /END RequestId/
| filter requestIdCount > 1
It would be great to be able to do
fields (
stats count(*) as requestIdCount by @requestId
| filter @message like /END RequestId/
| filter requestIdCount > 1) as EndRequestCount,
(
stats count(*) as requestIdCount by @requestId
| filter @message like /START RequestId/
| filter requestIdCount > 1) as StartRequestCount
But I don't see any way to do subqueries in insights right now. Is there a method to combine queries like this?
288
To run a query with an aggregation functionIn the navigation pane, choose Logs, and then choose Logs Insights. In the Select log group(s) drop down, choose one or more log groups to query. You can enter the name of log groups that you want to query in the search bar.
While logs are about a specific event, metrics are a measurement at a point in time for the system.
To search all log entries for a time range using the consoleOpen the CloudWatch console at https://console.aws.amazon.com/cloudwatch/ . In the navigation pane, choose Log groups. For Log Groups, choose the name of the log group containing the log stream to search. Choose Search log group.
Try this:
parse @message 'START RequestId' as @startRequestId
| parse @message 'END RequestId' as @endRequestId
| stats count(@startRequestId) as startRequestIdCount , count(@endRequestId) as endRequestIdCount by bin(5m)
| filter startRequestIdCount > 1
| filter endRequestIdCount > 1
CloudWatch Logs Insights Query Syntax
132
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With