CloudWatch Logs Start Query
Schedules a query of a log group using CloudWatch Logs Insights. You specify the log group and time range to query and the query string to use.
For more information, see CloudWatch Logs Insights Query Syntax.
Queries time out after 15 minutes of execution. If your queries are timing out, reduce the time range being searched or partition your query into a number of queries.
External Documentation
To learn more, visit the AWS documentation.
Basic Parameters
| Parameter | Description |
|---|---|
| AWS Region(s) | Enter the desired AWS Region(s). To execute the action in multiple regions, provide a comma-separated list. For example: us-east-1,eu-west-2.If you wish to run the action in all available regions, use the asterisk symbol ( *) instead. |
| End Time | The end of the time range to query. The range is inclusive, so the specified end time is included in the query. Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC. |
| Log Group Name | The log group on which to perform the query. A StartQuery operation must include a logGroupNames or a logGroupName parameter, but not both. |
| Log Group Names | The list of log groups to be queried. You can include up to 20 log groups. A StartQuery operation must include a logGroupNames or a logGroupName parameter, but not both. |
| Query String | The query string to use. For more information, see CloudWatch Logs Insights Query Syntax (https:docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). |
| Start Time | The beginning of the time range to query. The range is inclusive, so the specified start time is included in the query. Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC. |
Advanced Parameters
| Parameter | Description |
|---|---|
| Disable XML To JSON Auto Convert | When checked, XML responses are not automatically converted into JSON format. |
| Limit | The maximum number of log events to return in the query. If the query string uses the fields command, only the specified fields and their values are returned. The default is 1000. |
Example Output
{
"queryId": "string"
}
Automation Library Example
Cloudwatch Logs Start Query with Aws and Send Results Via Email
Preview this Automation on desktop