amazon-web-servicesaws-cloudwatch-log-insights
AWS Cloudwatch Log Insights - replace string function
How do I use AWS Cloudwatch Log Insights' replace function?
The docs do not give working examples.
Given logs which contain paths such as /api/lumberjack/123/axe/456/fashion
I am trying:
fields message
| parse message "path=* " as path
| fields replace(path, /[0123456789]+/, 'ID') as uniqpath
| stats count(*) by uniqpath
I expect results like:
uniqpath | count
/api/lumberjack/ID/axe/ID/fashion | 12
/api/lumberjack/ID/beardedness | 44
But instead it complains "Invalid arguments, received: (path) but expected: (str: string,searchValue: string,replaceValue: string)"
Solution
The replace function accepts fields as input for the first argument.
What is not supported is the second argument. You are passing a regex which is not recognized as a string.
I have not found a way to convert the regex to string. But at least you can pass the fieldname path for the first param. I have tested it changing the regex for a normal string.
Query:
fields @message
| parse @message "path=*" as path
| fields replace(path, 'lumberjack', 'ID') as uniqpath
| stats count(*) by uniqpath
Results:
- How to use MFA with AWS CLI?
- How do I get the URL for the item using the Amazon API
- How to make links work with exported sites when hosted on AWS Cloudfront?
- Error launching CloudFormation Template for CloudHSM
- Glacier as Resource in CloudFormation template?
- how to secure keys for API calls from android device to amazon services
- Why is this IAM policy denying access with an MFA session?
- AWS Lambda Function Trigger API Gateway Issue
- GetMyFeesEstimate API Amazon vba
- AWS Cloudformation !Ref SecurityGroup returns an invalid ID
- How to set up AWS Client VPN with Keycloak as IdP
- How to view/identify which process taking how much memory?
- using bottlenose in python to extract product price from Amazon in different locale
- Unable to delete cfn stack, role is invalid or cannot be assumed
- How to Set Up Account Linking for a Skill using Alexa API from Amazon?
- GitHub actions "aws: not found" error on ubuntu-latest with Godot CI
- Download file from S3 to Rails 4 app
- Cloudfront (CDN) with Internal Application Load Balancer
- Connecting private load balancer to cloud front distribution?
- Request to Amazon API with delphi : Got HTTP/1.1 403 Forbidden
- Amazon QuickSight Connects Over Internet Instead of VPC to Public Redshift Cluster
- Shift Lambda infrastructure to ECS
- IAM policy to allow EC2 instance API access only to modify itself
- How to match these 2 tables?
- What is the best way of getting files from AWS S3, inserting them into zip and uploading that zip to the bucket?
- What does this mean? An error occurred (SignatureDoesNotMatch) when calling the GetCallerIdentity operation: Signature expired
- AWS ElastiCache in cluster mode has no Primary / Reader endpoints
- How to query: filtering on multiple primary partition keys and range on primary sort key
- How can I get boto3 script to run as a Lambda function?
- Testing AWS CDK Applications Locally