CloudWatch Log Insights results @LogStream not always clickable.

I tried querying a single log group and it likely inferred it to be that log group. That means even if display ends with @logStream it will show it as a link. However if I query against multiple log groups, I will have to also return the log group name so that the log stream link can be generated.

Hello,

The difference could be generated because of the query being executed against multiple log groups.

When the following query is executed by selecting a single log group, it is understood that the log event in the query result belongs to the selected log group and the log stream link is provided.

fields @timestamp, @message, @logStream | filter @message like /Error/ | display @timestamp, @message, @logStream | limit 80 | sort @timestamp asc

When the same query is executed by selecting multiple log groups, the corresponding log group of the log event cannot be identified and hence the log stream link is not obtained.

@log is a log group identifier in the form of account-id:log-group-name. When querying multiple log groups, this can be useful to identify which log group a particular event belongs to. Refer to the document https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html Hence, the log stream link can be obtained by executing the following query upon selecting multiple log groups

fields @timestamp, @message, @logStream | filter @message like /Error/ | display @timestamp, @message, @logStream, @log | limit 80 | sort @timestamp asc

Hence, while querying for multiple log groups you will have to use @log in the query to get the log stream link in the query result.

If you have any questions specific to a particular log group, also feel free to raise a case with AWS Support and we can assist you in troubleshooting specifically for a resource.

I trust that you find above information helpful.