TechQA.

Display empty bin as a zero value in AWS Log Insights graph

5.4k views Asked by At

With this count query by bin:

filter @message like / error /
| stats count() as exceptionCount by bin(30m)

I get a discontinuous graph, which is hard to grasp:

Graph

Is is possible for AWS Cloudwatch Log Insights to consider the empty bin as zero count to get a continuous graph?

amazon-cloudwatch aws-cloudwatch-log-insights
Original Q&A
2

There are 2 answers

4
Joey Lesh On BEST ANSWER

Found your question looking for my own answer to this.

The best that I came up with is to calculate a 'presence' field and then use sum to get 0's in the time bins.

I used strcontains, which returns a 1 when matched or 0 when not. https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html#CWL_QuerySyntax-operations-functions

Mine looks like this:

fields @timestamp, @message
| fields strcontains(@message, 'Exit status 1') as is_exit_message
| stats sum(is_exit_message) as is_exit_message_count by bin(15m) as time_of_crash
| sort time_of_crash desc

So, yours would be:

fields strcontains(@message, 'error') as is_error
| stats sum(is_error) as exceptionCount by bin(30m)
0
Jehong Ahn On

Use strcontains + sum or parse + count.

Do not use filter. You should query all of logs.

Related Questions in AMAZON-CLOUDWATCH

Related Questions in AWS-CLOUDWATCH-LOG-INSIGHTS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions