Reputation: 8488
How to write AWS Log Insights query for multiple string patterns
I want to write a log insights query to search for multiple string patterns in log groups.
I know that I can use the following query to find a specific string in logs :
fields @timestamp, @message
| filter @message like "test string"
| sort @timestamp desc
But, I want to extend this to find multiple string patterns with regular expressions.
Can someone help to understand how to achieve this. I tried looking in internet and reading aws document but could not figure out how to do.
Upvotes: 1
Views: 3475
Answers (2)
Reputation: 33
How about using slashes, rather than quotes? That searches regex patterns:
fields @timestamp, @message
| filter @message like /test regex1/ or @message like /test regex2/
| sort @timestamp desc
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html
Upvotes: 1
Reputation: 11
I use the bellow syntax when I search for multiple strings:
Match all messages that have both 'string1' and 'string2':
fields @timestamp, @message | filter @message like 'string1' and @message like 'string2' | sort @timestamp desc | limit 20```Match all messages that have either 'string1' or 'string2':
fields @timestamp, @message | filter @message like 'string1' or @message like 'string2' | sort @timestamp desc | limit 20```
Upvotes: 1
Related Questions
- AWS Cloudwatch Insights how to query using multiple log groups
- AWS Log Insights query with string contains
- Cloud watch query for message like list of strings
- CloudWatch Logs insights Query to Get count of Given strings
- How to search for multiple strings in logs using aws cloudwatch log insights query?
- Filtering AWS CloudWatch raw log events by multiple values / AWS CLI
- How to search any string regular expression in AWS Log Insights?
- Parsing logs in Cloudwatch insight
- how to match multiple patterns in aws cloudwatch log to trigger a lambda
- Filter for specific string and include 2 following rows