Learn R Programming
paws.management (version 0.9.0)

cloudwatchlogs_start_query: Starts a query of one or more log groups using CloudWatch Logs Insights

Description

Starts a query of one or more log groups using CloudWatch Logs Insights. You specify the log groups and time range to query and the query string to use.

See https://www.paws-r-sdk.com/docs/cloudwatchlogs_start_query/ for full documentation.

Usage

cloudwatchlogs_start_query(
  queryLanguage = NULL,
  logGroupName = NULL,
  logGroupNames = NULL,
  logGroupIdentifiers = NULL,
  startTime,
  endTime,
  queryString,
  limit = NULL
)

Arguments

queryLanguage

Specify the query language to use for this query. The options are Logs Insights QL, OpenSearch PPL, and OpenSearch SQL. For more information about the query languages that CloudWatch Logs supports, see Supported query languages.

logGroupName

The log group on which to perform the query.

A start_query operation must include exactly one of the following parameters: logGroupName, logGroupNames, or logGroupIdentifiers. The exception is queries using the OpenSearch Service SQL query language, where you specify the log group names inside the querystring instead of here.

logGroupNames

The list of log groups to be queried. You can include up to 50 log groups.

A start_query operation must include exactly one of the following parameters: logGroupName, logGroupNames, or logGroupIdentifiers. The exception is queries using the OpenSearch Service SQL query language, where you specify the log group names inside the querystring instead of here.

logGroupIdentifiers

The list of log groups to query. You can include up to 50 log groups.

You can specify them by the log group name or ARN. If a log group that you're querying is in a source account and you're using a monitoring account, you must specify the ARN of the log group here. The query definition must also be defined in the monitoring account.

If you specify an ARN, use the format arn:aws:logs:region:account-id:log-group:log_group_name Don't include an * at the end.

A start_query operation must include exactly one of the following parameters: logGroupName, logGroupNames, or logGroupIdentifiers. The exception is queries using the OpenSearch Service SQL query language, where you specify the log group names inside the querystring instead of here.

startTime

[required] The beginning of the time range to query. The range is inclusive, so the specified start time is included in the query. Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC.

endTime

[required] The end of the time range to query. The range is inclusive, so the specified end time is included in the query. Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC.

queryString

[required] The query string to use. For more information, see CloudWatch Logs Insights Query Syntax.

limit

The maximum number of log events to return in the query. If the query string uses the fields command, only the specified fields and their values are returned. The default is 10,000.