A CLI tool To query CloudWatch Logs Insights.
ToC
Write configuration to pyinsights.yml like:
version: '1.0'
log_group_name:
- '/ecs/sample'
query_string: 'field @message | filter @message like /ERROR/'
duration: '30m'
limit: 10I wrote examples, so see examples folder.
pyinsights -c pyinsights.yml -p aws_profile -r region| Type | Required |
|---|---|
| string | true |
Choose configuration version from ['1.0']
| Type | Required |
|---|---|
| array | true |
Target log group names to query
| Type | Required |
|---|---|
| string or array | true |
Specify CloudWatch Logs Insights query commands. Please see CloudWatch Logs Insights Query Syntax.
| is not required. Execute in order from the top.
ex)
query_string:
- 'field @message'
- 'fileter @message like /WARN/'Equal to
query_string: 'field @message | fileter @message like /WARN/'| Type | Required |
|---|---|
| string or object | true |
Specify weeks, days, hours, minutes or seconds unit.
weeks = w
days = d
hours = h
minutes = m
seconds = s
ex)
duration: 10hSpecify start_time and end_time.
The format must be YYYY-MM-DD HH:MM:SS.
ex)
duration:
start_time: '2020-01-01 00:00:00'
end_time: '2020-01-01 01:00:00'| Type | Required |
|---|---|
| integer | false |
The number of log to fetch.
Of course, you can specify limit in query_string.
| Option | Required | Description |
|---|---|---|
| -c, --config | true | Specify yaml configuration by absolute or relative path |
| -f, --format | false | Choose from json or table |
| -p, --profile | false | AWS profile name |
| -r, --region | false | AWS region |
| -q, --quiet | false | Suppress progress message |
| -o, --output | false | Specify the filename to output the query result |
| -v, --version | false | Show version |
If profile and region options are not specified, AWS Credentials must be set as environment variables.
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_DEFAULT_REGION
Please see Environment Variable Configuration for the detail.