Cannot filter using the isValidIp function in CloudWatch
0
Hi
I'm currently experiencing issues when trying to use the "isValidIp" function for filtering logs in CloudWatch
fields @timestamp, StatusCode, RequestPath, @@m, isValidIp(Host),!(isValidIp(Host))
| filter !(isValidIp(Host))
I expect the query above to filter all logs where "Host" is not a valid IP address, but nothing is being filtered.
At the same time, I render isValidIp(Host) and !(isValidIp(Host)) and see that these can clearly render the correct values for the function.
Is there some limitation or is my syntax incorrect?
Here is a link to a screenshot of the query and results: https://ibb.co/NSM8qM3
Topics
asked 2 months ago5 views
1 Answers
0
I couldn't see the screenshot you shared, so I'm guessing a little here...
IsValidIp will return a boolean (true if valid), so I think you will need to use it in a condition in filter.
For example
| filter isValidIp(Host)
Hope that helps!
answered a month ago
Relevant questions
PutLogEvents with timeStamp in past breaks Cloudwatch Insights
asked a year agoLog Subscription Filter To Opensearch
asked 7 months agoAWS step function giving error, when I had included the "Parameter" tag
asked a month agoFiltering CloudWatch Insights by timestamp with date range
asked 2 years agoCannot filter using the isValidIp function in CloudWatch
asked 2 months agoCloudWatch-Insights: How to compare attributes on a query
asked a month agoHow can you filter by json property in cloudwatch log?
asked 7 months agoRun a Lambda function for RDS using the DBInstanceIdentifier
asked 19 days agoCan I use CloudWatch Logs to trigger a Lambda function?
Accepted Answerasked 2 years agoStart & Stop of EC2 instance using tags in Lambda function
Accepted Answerasked 3 months ago