Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS Cloudwatch Logs Insights: Query into array

Tags:

amazon-cloudwatch

aws-cloudwatch-log-insights

I have a Log Group with this kind of messages.

{
  "m": [
    {
      "id": "5b6973c7c86e8689368b4569",
      "ts": 1634112000.062
    },
        {
      "id": "6116d21e02e38f5045079c42",
      "ts": 1634120807.402
    },
    {
      "id": "60c368ff1085fc0d546fad52",
      "ts": 1634120807.512
    },
    {
      "id": "6053536817a46610797ed472",
      "ts": 1634120809.249
    }
  ]
}

I want to run a query over the field m.*.ts (It's an array). Something like this...

fields @message
| filter (m.*.ts > 1634112000.062 and m.*.ts < 1634120807.000 )

It's posible?

like image 308
icalvete Avatar asked Jan 31 '26 06:01

icalvete

1 Answers

fields @message
  | parse @message "[*] *" as id, ts
  | filter (ts > 1634112000.062 and ts <  1634120807.000)
like image 168
smcrowley Avatar answered Feb 02 '26 06:02

smcrowley

Sign in to Comment

Related questions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!