AWS CloudWatch Logs Insights - Group logs by API resource names and make aggregations

4
votes

I have AWS API Gateway with two resources:

/api/orders
/api/history

And I have enabled CloudWatch logs for that API. Using AWS CloudWatch Logs Insights I'm able to collect and observe logs from log groups related to the mentioned API. I'd like to analyze the traffic which goes through the API using collected logs and determine how many requests were made to each API resource.

How can I group log records from my API by resource name and aggregate some data (for example, calculate count of requests for each resource) using Logs Insights?

2
amazon-web-servicesaws-api-gatewayamazon-cloudwatchaws-cloudwatch-log-insights

2 Answers

1
votes

Using next queries we can see logs for each resource separately:

fields @timestamp, @message
| filter @message like /Resource Path: \/api\/orders/
| sort @timestamp desc


fields @timestamp, @message
| filter @message like /Resource Path: \/api\/history/
| sort @timestamp desc
0
votes

If you would like to see a 'line' graph on the 'Visualization Tab' and see the number of each resource requests over time, aggregated on (example) 5min bins, you could try something like

fields @timestamp, @message
| parse @message like /Resource Path: *history/ as hist
| parse @message like /Resource Path: *orders/ as ord
| stats count (hist) as c_hist, count(ord) as c_ord by bin (5m)