
CloudWatch Logs Insights Parse Syntax


I have a Lambda which queries the EC2 API and prints output to CloudWatch Logs, which I want to use for metrics. However, I'm having trouble parsing the output (generated from a dictionary). Here is a typical @message:

defaultdict(None, {ec2.Instance(id='i-instance'): {'InstanceID': 'i-instance', 'Type': 't2.micro', 'ImageID': 'ami-0e5493310d2c6de5b', 'State': 'running'

I tried to |parse 'InstanceID': *' as InstanceId and similar but this errors, and I haven't found examples in the documentation (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html).

Assistance appreciated.


Solution

  • If you can modify the Lambda, probably the simplest solution would be to print the dictionary as a one-line JSON (instead of the Python dictionary's string format) - something like print(json.dumps(myvalue)) should do the trick. CloudWatch will then understand the fields automatically.

    If you can't modify the Lambda's output, adding more quotes to the Logs Insights query might help: parse @message "'InstanceID': '*'" as InstanceID.
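
The first suggestion above, as an added example that is not part of the original answer: the dictionary in the question is keyed by ec2.Instance objects, so json.dumps on the whole thing raises TypeError, and the sketch below emits one JSON document per instance instead. FakeInstance, to_log_lines, build_sample_inventory and the "i-other" instance are constructed for illustration.

```python
import json
from collections import defaultdict


class FakeInstance:
    """Constructed stand-in for boto3's ec2.Instance so the example runs offline."""

    def __init__(self, instance_id):
        self.id = instance_id

    def __repr__(self):
        return f"ec2.Instance(id='{self.id}')"


def to_log_lines(inventory):
    """Return one compact, single-line JSON document per instance.

    json.dumps(inventory) would raise TypeError because the keys are objects,
    not strings, so only the per-instance value dicts are serialized.
    """
    lines = []
    for details in inventory.values():
        # sort_keys keeps field order stable between runs; default=str covers
        # values json cannot encode natively (for example datetime objects).
        lines.append(json.dumps(details, sort_keys=True, default=str))
    return lines


def build_sample_inventory():
    """Constructed sample shaped like the @message shown in the question."""
    inventory = defaultdict(None)
    for iid, state in (("i-instance", "running"), ("i-other", "stopped")):
        inventory[FakeInstance(iid)] = {
            "InstanceID": iid, "Type": "t2.micro",
            "ImageID": "ami-0e5493310d2c6de5b", "State": state,
        }
    return inventory


if __name__ == "__main__":
    for line in to_log_lines(build_sample_inventory()):
        print(line)  # one JSON document per line of Lambda output
```

With output in this shape, fields such as InstanceID and State can be referenced by name in a Logs Insights query without a parse step.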