I have created a REST API using the AWS CDK and specified the following for the access logs:
const apiLogGroup = new cdk.aws_logs.LogGroup(this, `${this.apiName}-logGroup`, {
retention: cdk.aws_logs.RetentionDays.ONE_MONTH,
logGroupName: `/aws/apigateway/${this.apiName}`,
});
const accessLogDestination = new apigw.LogGroupLogDestination(apiLogGroup);
const accessLogFormat = apigw.AccessLogFormat.custom(
JSON.stringify({
requestId: apigw.AccessLogField.contextRequestId(),
email: apigw.AccessLogField.contextAuthorizer('email'),
path: apigw.AccessLogField.contextResourcePath(),
method: apigw.AccessLogField.contextHttpMethod(),
})
);
new apigw.RestApi(this, this.apiName, {
deployOptions: {
accessLogDestination,
accessLogFormat,
}
});
However I get dozens of new logstreams every second which contain only a single log. I would like to have all logs of say a 5 minute interval in the same logstream. Is there a way to ensure that all log entries within each 5-minute interval end up in the same log stream?
You can't. Which log stream a service writes to is not user-configurable, either with or without the CDK. See this related question: When does AWS CloudWatch create new log streams?.
Use the FilterLogEvents API or LogInsights to abstract away the log stream details if they are getting in your way.