AWS CloudWatch
LogicLoop connects to CloudWatch using the
boto3
client. According to their documentation before you can query with LogicLoop:[Y]ou should set up authentication credentials. Credentials for your AWS account can be found in the IAM Console. You can create or use an existing user. Go to manage access keys and generate a new set of keys.
With your
access_key_id
and secret_access_key
you can set up the CloudWatch and CloudWatch Log Insights data sources.These instructions assume you are familiar with the CloudWatch ad-hoc query language. To make exploring your data easier the schema browser will show which Namespaces and Metrics you can query.
Your query text must written in YAML syntax (not SQL). It should be an array of
MetricDataQuery
objects under a key called MetricsDataQueries
. When you execute the query LogicLoop converts this array to one or more get_metric_data()
calls.Here’s an example that sends two
MetricDataQuery
objects.MetricDataQueries:
- Id: database_connections
MetricStat:
Metric:
Namespace: AWS/RDS
MetricName: DatabaseConnections
Period: 60
Stat: Maximum
- Id: swap_usage
MetricStat:
Metric:
Namespace: AWS/RDS
MetricName: SwapUsage
Period: 60
Stat: Maximum
StartTime: "2020-01-01 00:00:00"
To query your CloudWatch data with SQL, first pull data using the YAML syntax. Then use the Query Results datasource to filter and sort the results
To learn more about the CloudWatch ad-hoc query language you can study the following links.
These instructions assume you are familiar with the CloudWatch Logs Insights ad-hoc query language. To make exploring your data easier the schema browser will show which Log Groups and @Fields you can query. Your query text must be written in YAML Syntax (not SQL). Your query can include the following keys:
Key | Type |
---|---|
logGroupName | string |
logGroupNames | array of strings |
startTime | integer or timestring |
endTime | integer or timestring |
queryString | string |
limit | integer |
Your query must include either a
logGroupName
or logGroupNames
. When you execute the query LogicLoop converts this object into a start_query()
call. Here is an example query:startTime: '2020-01-01 00:00'
logGroupNames: ['/ecs/rq-adhoc', '/ecs/rq-scheduled', '/ecs/rq-workers-scheduled']
queryString:
filter @message like 'Opened tunnel for <some org id>'
| parse 'Opened tunnel for <some org id> (<data source id>) with port *' as port
| fields @timestamp, @logStream
| sort @timestamp desc
Last modified 1yr ago