Reputation: 19692
AWS Cloudwatch Logs Insights find logs close to another log or timestamp
On AWS Cloudwatch Log Insights, often after you filter your logs and find an interesting log message you want to see what was happening right before or after that message.
What is the best way to find log messages right next to another message?
I imagine a good way is to filter based on @tiemstamp and they conveniently provide a date_floor function, but I cannot figure out the syntax that works for equality to timestamps.
Upvotes: 34
Views: 12630
Answers (1)
Reputation: 2691
In Logs Insights, if you query for:
fields @timestamp, @message, @logStream
| filter @message like /<Your Log Message>/
you'll get a link where you can access the log stream. Clicking there will bring you right to the context before/after the log you're interested in.
It's a fair bit of work for something that should be a single click but it's the only work-around I'm aware of. Feel free to go bug the AWS team to build this as a 1-click feature right from the logs themselves.
Edit:
Something I didn't know when I wrote this answer: this trick only works if you're querying a single log group. If you're querying multiple, it still shows the logStream but it's not clickable.
Upvotes: 33
Related Questions
- Filter by timestamp query on AWS Cloudwatch Logs Insights
- AWS CloudWatch filter @LogStream in Logs Insights
- AWS Cloudwatch Insights how to query using multiple log groups
- How to query AWS CloudWatch logs using AWS CloudWatch Insights?
- CloudWatch Logs Insights : aggregate by time range
- Get the specific timestamp query on AWS Cloudwatch Logs Insights
- Parsing logs in Cloudwatch insight
- AWS CloudWatch Logs filter expression for AND
- Filter to a specific timeframe in AWS logs while keeping the log context
- Filter log streams in aws cloudwatch