I am trying the parse some cloudwatch logs to build visual (pie chart, bar chart) representations. My log data is in JSON format and looks like below:
{
"feature": "Feature 1",
"container": "TestContainer",
"user": {
"mail": "[email protected]",
"org": "temp_org",
"external": true
}
}
{
"feature": "Feature 2",
"container": "TestContainer1",
"user": {
"mail": "[email protected]",
"org": "temp1_org",
"external": true
}
}
I want to filter based on feature, container, user etc. For ex: how many request for "Feature 1".
Below is my CloudWatch log insights query:
fields @timestamp, @message, feature, container, user
| filter feature = "Feature 1"
| stats count(*) as Number_of_Request by feature
This query is giving me correct (filtered) results but it is not generating correct plot. Probably because the outcome is just one number not a time series. How do I aggregate it with the total number of requests so that it generate correct plots.
There was no need to add filter. Below works fine:
fields @timestamp, @message, feature, container, user
| stats count(*) as Number_of_Request by feature