I have a Lambda function that writes metrics to CloudWatch. While writing the metrics, it generates some logs in a log group.
INFO:: username: simran+test@abc.com ClinicID: 7667 nodename: MacBook-Pro-2.local
INFO:: username: simran+test2@abc.com ClinicID: 7667 nodename: MacBook-Pro-2.local
INFO:: username: simran+test@abc.com ClinicID: 7668 nodename: MacBook-Pro-2.local
INFO:: username: simran+test3@abc.com ClinicID: 7667 nodename: MacBook-Pro-2.local
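I want to query the AWS logs for the past x hours, where x can be anywhere between 12 and 24 hours, based on any of the parameters.
For example:
ClinicID=7667
or
ClinicID=7667 and username='simran+test@abc.com'
or
username='simran+test@abc.com'
I am using boto3 in Python. Could I get some pointers on this?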
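Answer 0: (score: 2)
You can get what you need using CloudWatch Logs Insights.
You would use the start_query and get_query_results APIs: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/logs.html
To start the query, you would use (for use case 2 from your question; 1 and 3 are similar):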
import boto3
from datetime import datetime, timedelta
import time

client = boto3.client('logs')

# Parse the three fields out of each message, then filter on them
query = "fields @timestamp, @message | parse @message \"username: * ClinicID: * nodename: *\" as username, ClinicID, nodename | filter ClinicID = 7667 and username='simran+test@abc.com'"

log_group = '/aws/lambda/NAME_OF_YOUR_LAMBDA_FUNCTION'

start_query_response = client.start_query(
    logGroupName=log_group,
    startTime=int((datetime.today() - timedelta(hours=5)).timestamp()),
    endTime=int(datetime.now().timestamp()),
    queryString=query,
)

query_id = start_query_response['queryId']

response = None

# A query is 'Scheduled' before it is 'Running'; keep polling through both
while response is None or response['status'] in ('Scheduled', 'Running'):
    print('Waiting for query to complete ...')
    time.sleep(1)
    response = client.get_query_results(
        queryId=query_id
    )
The response will contain data in this format (plus some metadata):
{
    'results': [
        [
            {
                'field': '@timestamp',
                'value': '2019-12-09 17:07:24.428'
            },
            {
                'field': '@message',
                'value': 'username: simran+test@abc.com ClinicID: 7667 nodename: MacBook-Pro-2.local\n'
            },
            {
                'field': 'username',
                'value': 'simran+test@abc.com'
            },
            {
                'field': 'ClinicID',
                'value': '7667'
            },
            {
                'field': 'nodename',
                'value': 'MacBook-Pro-2.local\n'
            }
        ]
    ]
}
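A parameterized version of the query above, added here as an example and not taken from the answer: it builds the filter for any of the three combinations in the question, validates the values before they reach the query string, and polls until the query leaves the Scheduled/Running states. `build_query` and `run_query` are hypothetical helper names, `client` is assumed to be `boto3.client('logs')`, and the username allow-list is an assumption about what valid usernames look like.

```python
import re
import time
from datetime import datetime, timedelta, timezone

PARSE = 'parse @message "username: * ClinicID: * nodename: *" as username, ClinicID, nodename'

def build_query(clinic_id=None, username=None):
    """Build the Insights query for ClinicID, username, or both."""
    conditions = []
    if clinic_id is not None:
        conditions.append(f"ClinicID = {int(clinic_id)}")  # int() rejects non-numeric input
    if username is not None:
        # Assumed allow-list: the value cannot close the quote or add a pipe stage.
        if not re.fullmatch(r"[A-Za-z0-9._+@-]+", username):
            raise ValueError("unexpected characters in username")
        conditions.append(f"username = '{username}'")
    if not conditions:
        raise ValueError("give clinic_id, username, or both")
    return f"fields @timestamp, @message | {PARSE} | filter " + " and ".join(conditions)

def run_query(client, log_group, query, hours, timeout=60, poll=1.0):
    """Run the query over the last `hours` hours and return rows as dicts."""
    if hours <= 0:
        raise ValueError("hours must be positive")
    end = datetime.now(timezone.utc)
    query_id = client.start_query(
        logGroupName=log_group,
        startTime=int((end - timedelta(hours=hours)).timestamp()),
        endTime=int(end.timestamp()),
        queryString=query,
    )["queryId"]
    deadline = time.monotonic() + timeout
    while True:
        response = client.get_query_results(queryId=query_id)
        if response["status"] not in ("Scheduled", "Running"):
            break
        if time.monotonic() > deadline:
            raise TimeoutError(f"query {query_id} still {response['status']}")
        time.sleep(poll)
    if response["status"] != "Complete":
        raise RuntimeError(f"query ended with status {response['status']}")
    # Each row is a list of {'field': ..., 'value': ...}; flatten it and
    # trim the trailing newline that the last parsed field carries.
    return [{c["field"]: c["value"].strip() for c in row} for row in response["results"]]
```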
Answer 1: (score: 1)
I used awslogs. If you install it, you can do:
awslogs get /aws/lambda/log-group-1 --start="5h ago" --watch
--watch will tail the new logs.
You can install it using:
pip install awslogs
To filter, you can do the following:
awslogs get /aws/lambda/log-group-1 --filter-pattern '"ClinicID=7667"' --start "5h ago" --timestamp
It supports multiple filter patterns as well.
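Answer 2: (score: 1)
You can do this with the cloudWatchlogs client and a bit of coding. You can also customize the conditions, or use the JSON module to get precise results.
EDIT
You can use describe_log_streams to get the streams. If you only want the latest, just set the limit to 1, or if you want more than one, use a for loop to iterate over all the streams while filtering, as shown below.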
import boto3

client = boto3.client('logs')

## For the latest
stream_response = client.describe_log_streams(
    logGroupName="/aws/lambda/lambdaFnName",  # Can be dynamic
    orderBy='LastEventTime',  # For the latest events
    descending=True,  # newest stream first
    limit=1  # the last latest event, if you just want one
)

# logStreams is a list, so take its first entry
latestlogStreamName = stream_response["logStreams"][0]["logStreamName"]

response = client.get_log_events(
    logGroupName="/aws/lambda/lambdaFnName",
    logStreamName=latestlogStreamName,
    startTime=12345678,  # placeholder, epoch milliseconds
    endTime=12345678,
)

for event in response["events"]:
    # event["message"] is the raw log line (a string), so match on its text
    if "ClinicID: 7667 " in event["message"]:
        print(event["message"])
    elif "username: simran+test@abc.com " in event["message"]:
        print(event["message"])
    #.
    #.
    # more if or else conditions

## For more than one Streams, e.g. latest 5
stream_response = client.describe_log_streams(
    logGroupName="/aws/lambda/lambdaFnName",  # Can be dynamic
    orderBy='LastEventTime',  # For the latest events
    descending=True,  # newest streams first
    limit=5
)

for log_stream in stream_response["logStreams"]:
    latestlogStreamName = log_stream["logStreamName"]

    response = client.get_log_events(
        logGroupName="/aws/lambda/lambdaFnName",
        logStreamName=latestlogStreamName,
        startTime=12345678,  # placeholder, epoch milliseconds
        endTime=12345678,
    )
    ## For example, you want to search "ClinicID=7667", can be dynamic

    for event in response["events"]:
        # event["message"] is the raw log line (a string), so match on its text
        if "ClinicID: 7667 " in event["message"]:
            print(event["message"])
        elif "username: simran+test@abc.com " in event["message"]:
            print(event["message"])
        #.
        #.
        # more if or else conditions
Let me know how it goes.