Menu
I'm trying to do a query that will first aggregate by field count and after by bin(1h) for example I would like to get the result like:
# Date Field Count
1 2019-01-01T10:00:00.000Z A 123
2 2019-01-01T11:00:00.000Z A 456
3 2019-01-01T10:00:00.000Z B 567
4 2019-01-01T11:00:00.000Z B 789
Not sure if it's possible though, the query should be something like:
fields Field
| stats count() by Field by bin(1h)
Any ideas how to achieve this?
527
To run a query with an aggregation functionIn the navigation pane, choose Logs, and then choose Logs Insights. In the Select log group(s) drop down, choose one or more log groups to query. You can enter the name of log groups that you want to query in the search bar.
Amazon CloudWatch can't aggregate data across Regions. Metrics are completely separate between Regions".
Use the parse command to extract data from a log field and create an ephemeral field that you can process in your query. You must surround log fields named in queries that include characters other than the @ symbol, period ( . ), and non-alphanumeric characters in backtick keys ( ` ).
In the navigation pane, choose Insights . Select one or more log groups above the query editor. To help find your log groups, enter text in the search bar and CloudWatch Logs displays matching log groups in the search bar.
@logStream contains the log stream to which the log entry belongs. For other types of logs (e.g., the Combined Log Format, which is very common for web servers), you will need to make use of the parse command. The AWS CloudWatch Logs Insight query language is essentially a string of commands linked together through pipes.
AWS CloudWatch is a set of services offered by Amazon Web Services (AWS). AWS CloudWatch allows you to store and display metrics and logs as well as generate alarms to alert you when things go wrong.
Users can also leverage log field discovery, which automatically locates fields in JSON-based AWS service logs, including Amazon Route 53, AWS Lambda, AWS CloudTrail, and Amazon VPC. Connect AWS CloudWatch to MetricFire as a data source in the MetricFire free trial, and start reaping its benefits!
Is this what you need?
fields Field | stats count() by Field, bin(1h)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
