aws logs: The specified log group does not exist

20
votes

I'm trying to grab logs from Cloudwatch with this CLI usage:

cat cli-get-log-events.json    
{
    "logGroupName": "/aws/lambda/my-group", 
    "logStreamName": "2019/03/30/[$LATEST]dec1626296d84819be42f2ef615f292e", 
    "startTime": 1553977650000, 
    "endTime": 1553977748000, 
    "limit": 10, 
    "startFromHead": true
}


aws logs get-log-events --cli-input-json file://cli-get-log-events.json

But I see this error in the response:

An error occurred (ResourceNotFoundException) when calling the GetLogEvents operation: The specified log group does not exist.

4
amazon-web-servicesaws-cliamazon-cloudwatch
Did you try the FilterLogEvents API as well?Arka Mukherjee

4 Answers

18
votes

Your problem could be the region.

It turned out it wasn't for the OP but it might be for you looking at this question!

For example I had to add --region 'us-east-2' to fix a similar problem of log group not found when calling from the CLI

7
votes

The problem was that my log group was in a different account.

I was able to realize my problem when I attempted to list all log groups beginning with a common prefix, e.g. rather than "my-lambda", I used "my":

aws logs describe-log-groups --log-group-name-prefix /aws/lambda/my

As soon as I realized that no log groups were being listed for a prefix that I expected many log groups, and other prefixes did show some log groups, I realized I needed to use a different account. I leveraged the AWS CLI Profiles to access that account with this usage:

aws logs describe-log-groups --profile prd --log-group-name-prefix /aws/lambda/my

then I saw the many expected log groups, confirming their existence in the right account.

The fix to get the logs I needed should therefore be:

aws logs get-log-events --profile prd --cli-input-json file://cli-get-log-events.json

Unfortunately I get the following error:

An error occurred (ResourceNotFoundException) when calling the GetLogEvents operation: The specified log stream does not exist.

There is a mentionable solution for this error message over at: AWS Cloudwatch log stream name not recognised

But in my case, I think I just copied the wrong name of the log stream. I grabbed the name of the stream from the console again, pasted it into my cli input file.

My final usage was:

aws logs get-log-events --cli-input-json file://cli-get-log-events.json --profile prd > logs-xyz.json
2
votes

I received this error while checking logs via AWS Console.

My lambda script runs in private subnet within a VPC.

Adding "AWSLambdaVPCAccessExecutionRole" permission to Lambda role resolved the issue for me.

1
votes

I ended up finding out that the log group name is tied to the log-stream-name:

awslocal logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name 2021/02/03/[LATEST]6b0a3c3f

That works. This next statement says the log-group-name doesn't exist--so I'm thinking there might be an error with aws cli or awslocal.

awslocal logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name fakename