By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

CloudWatch Logs Insights

0

How to convert a string value to a number in the CloudWatch Logs Insights query.

My Object

{
            "readonly": false,
            "value": "30",
            "key": "MeterValueSampleInterval"
        }

CloudWatch Logs Insights query

  • Prasanth
    a year ago

    not working

    fields @timestamp, @message, @logStream, @log | parse @message/"MeterValueSampleInterval".*?"value\:" "(?<sample_interval>\d+)"/ | filter sample_interval == 30 | sort @timestamp desc | limit 1000

  • Ganesh Kudikala EXPERT
    a year ago

    Try this

    parse @message/"MeterValueSampleInterval".*?"value" "(?<sample_interval>\d+)"

    or

    parse @message/"MeterValueSampleInterval".*?"value\\:" "(?<sample_interval>\d+)"
Topics
Management & GovernanceNetworking & Content Delivery
Tags
Amazon CloudWatchCloudWatch Logs Insights
Language
English
Prasanth
asked a year ago1K views
1 Answer
0

If you're logging a JSON object, CWL should parse it automatically out of the message for you (you'll see key, readonly and value show in the "Discovered Fields" panel on the right). You can just specify the fields in the fields keyword.

The documentation says that the comparison operators work on any datatype so there's no need to convert your string value to an int explicity (the error you're getting is because you're using a to_int() function which doesn't exist.

For example, I injected your sample message in to a log stream and I can find it with this query:

fields @timestamp, @message, value
| filter value = 30

Query demo

profile pictureAWS
EXPERT
James_S
answered a year ago
profile picture
EXPERT
Adeleke Adebowale Julius
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content