Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Combine two Cloudwatch insights queries

Tags:

amazon-cloudwatch

I have two Cloudwatch insights queries that I would love to be able to run side by side and compare the results of both two.

stats count(*) as requestIdCount by @requestId 
| filter @message like /START RequestId/
| filter requestIdCount > 1

stats count(*) as requestIdCount by @requestId 
| filter @message like /END RequestId/
| filter requestIdCount > 1

It would be great to be able to do

fields (
    stats count(*) as requestIdCount by @requestId 
    | filter @message like /END RequestId/
    | filter requestIdCount > 1) as EndRequestCount,
       (
    stats count(*) as requestIdCount by @requestId 
    | filter @message like /START RequestId/
    | filter requestIdCount > 1) as StartRequestCount

But I don't see any way to do subqueries in insights right now. Is there a method to combine queries like this?

like image 288
AlexLordThorsen Avatar asked Nov 14 '19 00:11

AlexLordThorsen

People also ask

How do I use aggregate logs in CloudWatch?

To run a query with an aggregation functionIn the navigation pane, choose Logs, and then choose Logs Insights. In the Select log group(s) drop down, choose one or more log groups to query. You can enter the name of log groups that you want to query in the search bar.

What is the difference between CloudWatch logs and metrics?

While logs are about a specific event, metrics are a measurement at a point in time for the system.

How do I search multiple CloudWatch logs?

To search all log entries for a time range using the consoleOpen the CloudWatch console at https://console.aws.amazon.com/cloudwatch/ . In the navigation pane, choose Log groups. For Log Groups, choose the name of the log group containing the log stream to search. Choose Search log group.

1 Answers

Try this:

parse @message 'START RequestId' as @startRequestId
    | parse @message 'END RequestId' as @endRequestId
    | stats count(@startRequestId) as startRequestIdCount , count(@endRequestId) as endRequestIdCount by bin(5m)
    | filter startRequestIdCount > 1
    | filter endRequestIdCount > 1

CloudWatch Logs Insights Query Syntax

like image 132
Roberto Rivera Avatar answered Sep 18 '22 14:09

Roberto Rivera
Sign in to Comment

Related questions

How does multi-line logging work in Lambda -> CloudWatch
Count Array Length in JSON Message Object with Amazon Cloudwatch Logs Insights
AWS API Gateway $input variable in CloudWatch
Where are CloudWatch log data stored?
Display empty bin as a zero value in AWS Log Insights graph
AWS Cloudwatch event - how to trigger for different timezones?
How can I monitor memory used by specific process in AWS cloudwatch?
AWS CloudWatch Logs Insights alarms
AWS-CloudWatch: InvalidSequenceTokenException
Can we set cloudwatch log retention days in /etc/awslogs/awslogs.conf
Why Memory Utilization of EC2 instance is not default metric of Amazon CloudWatch?
The Lambda function returned an invalid request or response to CloudFront
How to monitor free disk space at AWS EC2 with Cloud Watch in windows
Amazon EC2 AutoScaling CPUUtilization Alarm- INSUFFICIENT DATA
AWS IAM Policies to connect AWS Cloudwatch Logs, Kinesis Firehose, S3 and ElasticSearch
How to run a group by in AWS Cloud Watch Logs Insights
How to get metrics data from aws cloudwatch to csv
CloudWatch Insights: get logs of errored lambdas
How to look up an amazon resource using the Amazon Resource Name (ARN) as an identifier?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!