aws-sdk-cloudwatchlogs 1.101.0 → 1.103.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cloudwatchlogs/client.rb +1062 -47
- data/lib/aws-sdk-cloudwatchlogs/client_api.rb +493 -0
- data/lib/aws-sdk-cloudwatchlogs/types.rb +1770 -66
- data/lib/aws-sdk-cloudwatchlogs.rb +1 -1
- data/sig/client.rbs +366 -6
- data/sig/types.rbs +334 -4
- metadata +2 -2
@@ -1109,9 +1109,10 @@ module Aws::CloudWatchLogs
|
|
1109
1109
|
req.send_request(options)
|
1110
1110
|
end
|
1111
1111
|
|
1112
|
-
# Deletes a CloudWatch Logs account policy. This stops the
|
1113
|
-
# applying to
|
1114
|
-
#
|
1112
|
+
# Deletes a CloudWatch Logs account policy. This stops the account-wide
|
1113
|
+
# policy from applying to log groups in the account. If you delete a
|
1114
|
+
# data protection policy or subscription filter policy, any log-group
|
1115
|
+
# level policies of those types remain in effect.
|
1115
1116
|
#
|
1116
1117
|
# To use this operation, you must be signed on with the correct
|
1117
1118
|
# permissions depending on the type of policy that you are deleting.
|
@@ -1124,6 +1125,16 @@ module Aws::CloudWatchLogs
|
|
1124
1125
|
# `logs:DeleteSubscriptionFilter` and `logs:DeleteAccountPolicy`
|
1125
1126
|
# permissions.
|
1126
1127
|
#
|
1128
|
+
# * To delete a transformer policy, you must have the
|
1129
|
+
# `logs:DeleteTransformer` and `logs:DeleteAccountPolicy` permissions.
|
1130
|
+
#
|
1131
|
+
# * To delete a field index policy, you must have the
|
1132
|
+
# `logs:DeleteIndexPolicy` and `logs:DeleteAccountPolicy` permissions.
|
1133
|
+
#
|
1134
|
+
# If you delete a field index policy, the indexing of the log events
|
1135
|
+
# that happened before you deleted the policy will still be used for up
|
1136
|
+
# to 30 days to improve CloudWatch Logs Insights queries.
|
1137
|
+
#
|
1127
1138
|
# @option params [required, String] :policy_name
|
1128
1139
|
# The name of the policy to delete.
|
1129
1140
|
#
|
@@ -1136,7 +1147,7 @@ module Aws::CloudWatchLogs
|
|
1136
1147
|
#
|
1137
1148
|
# resp = client.delete_account_policy({
|
1138
1149
|
# policy_name: "PolicyName", # required
|
1139
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
1150
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
1140
1151
|
# })
|
1141
1152
|
#
|
1142
1153
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteAccountPolicy AWS API Documentation
|
@@ -1331,6 +1342,44 @@ module Aws::CloudWatchLogs
|
|
1331
1342
|
req.send_request(options)
|
1332
1343
|
end
|
1333
1344
|
|
1345
|
+
# Deletes a log-group level field index policy that was applied to a
|
1346
|
+
# single log group. The indexing of the log events that happened before
|
1347
|
+
# you delete the policy will still be used for as many as 30 days to
|
1348
|
+
# improve CloudWatch Logs Insights queries.
|
1349
|
+
#
|
1350
|
+
# You can't use this operation to delete an account-level index policy.
|
1351
|
+
# Instead, use [DeletAccountPolicy][1].
|
1352
|
+
#
|
1353
|
+
# If you delete a log-group level field index policy and there is an
|
1354
|
+
# account-level field index policy, in a few minutes the log group
|
1355
|
+
# begins using that account-wide policy to index new incoming log
|
1356
|
+
# events.
|
1357
|
+
#
|
1358
|
+
#
|
1359
|
+
#
|
1360
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteAccountPolicy.html
|
1361
|
+
#
|
1362
|
+
# @option params [required, String] :log_group_identifier
|
1363
|
+
# The log group to delete the index policy for. You can specify either
|
1364
|
+
# the name or the ARN of the log group.
|
1365
|
+
#
|
1366
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1367
|
+
#
|
1368
|
+
# @example Request syntax with placeholder values
|
1369
|
+
#
|
1370
|
+
# resp = client.delete_index_policy({
|
1371
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
1372
|
+
# })
|
1373
|
+
#
|
1374
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteIndexPolicy AWS API Documentation
|
1375
|
+
#
|
1376
|
+
# @overload delete_index_policy(params = {})
|
1377
|
+
# @param [Hash] params ({})
|
1378
|
+
def delete_index_policy(params = {}, options = {})
|
1379
|
+
req = build_request(:delete_index_policy, params)
|
1380
|
+
req.send_request(options)
|
1381
|
+
end
|
1382
|
+
|
1334
1383
|
# Deletes the specified CloudWatch Logs anomaly detector.
|
1335
1384
|
#
|
1336
1385
|
# @option params [required, String] :anomaly_detector_arn
|
@@ -1551,6 +1600,39 @@ module Aws::CloudWatchLogs
|
|
1551
1600
|
req.send_request(options)
|
1552
1601
|
end
|
1553
1602
|
|
1603
|
+
# Deletes the log transformer for the specified log group. As soon as
|
1604
|
+
# you do this, the transformation of incoming log events according to
|
1605
|
+
# that transformer stops. If this account has an account-level
|
1606
|
+
# transformer that applies to this log group, the log group begins using
|
1607
|
+
# that account-level transformer when this log-group level transformer
|
1608
|
+
# is deleted.
|
1609
|
+
#
|
1610
|
+
# After you delete a transformer, be sure to edit any metric filters or
|
1611
|
+
# subscription filters that relied on the transformed versions of the
|
1612
|
+
# log events.
|
1613
|
+
#
|
1614
|
+
# @option params [required, String] :log_group_identifier
|
1615
|
+
# Specify either the name or ARN of the log group to delete the
|
1616
|
+
# transformer for. If the log group is in a source account and you are
|
1617
|
+
# using a monitoring account, you must use the log group ARN.
|
1618
|
+
#
|
1619
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1620
|
+
#
|
1621
|
+
# @example Request syntax with placeholder values
|
1622
|
+
#
|
1623
|
+
# resp = client.delete_transformer({
|
1624
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
1625
|
+
# })
|
1626
|
+
#
|
1627
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteTransformer AWS API Documentation
|
1628
|
+
#
|
1629
|
+
# @overload delete_transformer(params = {})
|
1630
|
+
# @param [Hash] params ({})
|
1631
|
+
def delete_transformer(params = {}, options = {})
|
1632
|
+
req = build_request(:delete_transformer, params)
|
1633
|
+
req.send_request(options)
|
1634
|
+
end
|
1635
|
+
|
1554
1636
|
# Returns a list of all CloudWatch Logs account policies in the account.
|
1555
1637
|
#
|
1556
1638
|
# @option params [required, String] :policy_type
|
@@ -1571,16 +1653,22 @@ module Aws::CloudWatchLogs
|
|
1571
1653
|
# If you omit this parameter, only the policy in the current account is
|
1572
1654
|
# returned.
|
1573
1655
|
#
|
1656
|
+
# @option params [String] :next_token
|
1657
|
+
# The token for the next set of items to return. (You received this
|
1658
|
+
# token from a previous call.)
|
1659
|
+
#
|
1574
1660
|
# @return [Types::DescribeAccountPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1575
1661
|
#
|
1576
1662
|
# * {Types::DescribeAccountPoliciesResponse#account_policies #account_policies} => Array<Types::AccountPolicy>
|
1663
|
+
# * {Types::DescribeAccountPoliciesResponse#next_token #next_token} => String
|
1577
1664
|
#
|
1578
1665
|
# @example Request syntax with placeholder values
|
1579
1666
|
#
|
1580
1667
|
# resp = client.describe_account_policies({
|
1581
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
1668
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
1582
1669
|
# policy_name: "PolicyName",
|
1583
1670
|
# account_identifiers: ["AccountId"],
|
1671
|
+
# next_token: "NextToken",
|
1584
1672
|
# })
|
1585
1673
|
#
|
1586
1674
|
# @example Response structure
|
@@ -1589,10 +1677,11 @@ module Aws::CloudWatchLogs
|
|
1589
1677
|
# resp.account_policies[0].policy_name #=> String
|
1590
1678
|
# resp.account_policies[0].policy_document #=> String
|
1591
1679
|
# resp.account_policies[0].last_updated_time #=> Integer
|
1592
|
-
# resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY"
|
1680
|
+
# resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
|
1593
1681
|
# resp.account_policies[0].scope #=> String, one of "ALL"
|
1594
1682
|
# resp.account_policies[0].selection_criteria #=> String
|
1595
1683
|
# resp.account_policies[0].account_id #=> String
|
1684
|
+
# resp.next_token #=> String
|
1596
1685
|
#
|
1597
1686
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeAccountPolicies AWS API Documentation
|
1598
1687
|
#
|
@@ -1958,6 +2047,110 @@ module Aws::CloudWatchLogs
|
|
1958
2047
|
req.send_request(options)
|
1959
2048
|
end
|
1960
2049
|
|
2050
|
+
# Returns a list of field indexes listed in the field index policies of
|
2051
|
+
# one or more log groups. For more information about field index
|
2052
|
+
# policies, see [PutIndexPolicy][1].
|
2053
|
+
#
|
2054
|
+
#
|
2055
|
+
#
|
2056
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
2057
|
+
#
|
2058
|
+
# @option params [required, Array<String>] :log_group_identifiers
|
2059
|
+
# An array containing the names or ARNs of the log groups that you want
|
2060
|
+
# to retrieve field indexes for.
|
2061
|
+
#
|
2062
|
+
# @option params [String] :next_token
|
2063
|
+
# The token for the next set of items to return. The token expires after
|
2064
|
+
# 24 hours.
|
2065
|
+
#
|
2066
|
+
# @return [Types::DescribeFieldIndexesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2067
|
+
#
|
2068
|
+
# * {Types::DescribeFieldIndexesResponse#field_indexes #field_indexes} => Array<Types::FieldIndex>
|
2069
|
+
# * {Types::DescribeFieldIndexesResponse#next_token #next_token} => String
|
2070
|
+
#
|
2071
|
+
# @example Request syntax with placeholder values
|
2072
|
+
#
|
2073
|
+
# resp = client.describe_field_indexes({
|
2074
|
+
# log_group_identifiers: ["LogGroupIdentifier"], # required
|
2075
|
+
# next_token: "NextToken",
|
2076
|
+
# })
|
2077
|
+
#
|
2078
|
+
# @example Response structure
|
2079
|
+
#
|
2080
|
+
# resp.field_indexes #=> Array
|
2081
|
+
# resp.field_indexes[0].log_group_identifier #=> String
|
2082
|
+
# resp.field_indexes[0].field_index_name #=> String
|
2083
|
+
# resp.field_indexes[0].last_scan_time #=> Integer
|
2084
|
+
# resp.field_indexes[0].first_event_time #=> Integer
|
2085
|
+
# resp.field_indexes[0].last_event_time #=> Integer
|
2086
|
+
# resp.next_token #=> String
|
2087
|
+
#
|
2088
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeFieldIndexes AWS API Documentation
|
2089
|
+
#
|
2090
|
+
# @overload describe_field_indexes(params = {})
|
2091
|
+
# @param [Hash] params ({})
|
2092
|
+
def describe_field_indexes(params = {}, options = {})
|
2093
|
+
req = build_request(:describe_field_indexes, params)
|
2094
|
+
req.send_request(options)
|
2095
|
+
end
|
2096
|
+
|
2097
|
+
# Returns the field index policies of one or more log groups. For more
|
2098
|
+
# information about field index policies, see [PutIndexPolicy][1].
|
2099
|
+
#
|
2100
|
+
# If a specified log group has a log-group level index policy, that
|
2101
|
+
# policy is returned by this operation.
|
2102
|
+
#
|
2103
|
+
# If a specified log group doesn't have a log-group level index policy,
|
2104
|
+
# but an account-wide index policy applies to it, that account-wide
|
2105
|
+
# policy is returned by this operation.
|
2106
|
+
#
|
2107
|
+
# To find information about only account-level policies, use
|
2108
|
+
# [DescribeAccountPolicies][2] instead.
|
2109
|
+
#
|
2110
|
+
#
|
2111
|
+
#
|
2112
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
2113
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html
|
2114
|
+
#
|
2115
|
+
# @option params [required, Array<String>] :log_group_identifiers
|
2116
|
+
# An array containing the name or ARN of the log group that you want to
|
2117
|
+
# retrieve field index policies for.
|
2118
|
+
#
|
2119
|
+
# @option params [String] :next_token
|
2120
|
+
# The token for the next set of items to return. The token expires after
|
2121
|
+
# 24 hours.
|
2122
|
+
#
|
2123
|
+
# @return [Types::DescribeIndexPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2124
|
+
#
|
2125
|
+
# * {Types::DescribeIndexPoliciesResponse#index_policies #index_policies} => Array<Types::IndexPolicy>
|
2126
|
+
# * {Types::DescribeIndexPoliciesResponse#next_token #next_token} => String
|
2127
|
+
#
|
2128
|
+
# @example Request syntax with placeholder values
|
2129
|
+
#
|
2130
|
+
# resp = client.describe_index_policies({
|
2131
|
+
# log_group_identifiers: ["LogGroupIdentifier"], # required
|
2132
|
+
# next_token: "NextToken",
|
2133
|
+
# })
|
2134
|
+
#
|
2135
|
+
# @example Response structure
|
2136
|
+
#
|
2137
|
+
# resp.index_policies #=> Array
|
2138
|
+
# resp.index_policies[0].log_group_identifier #=> String
|
2139
|
+
# resp.index_policies[0].last_update_time #=> Integer
|
2140
|
+
# resp.index_policies[0].policy_document #=> String
|
2141
|
+
# resp.index_policies[0].policy_name #=> String
|
2142
|
+
# resp.index_policies[0].source #=> String, one of "ACCOUNT", "LOG_GROUP"
|
2143
|
+
# resp.next_token #=> String
|
2144
|
+
#
|
2145
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeIndexPolicies AWS API Documentation
|
2146
|
+
#
|
2147
|
+
# @overload describe_index_policies(params = {})
|
2148
|
+
# @param [Hash] params ({})
|
2149
|
+
def describe_index_policies(params = {}, options = {})
|
2150
|
+
req = build_request(:describe_index_policies, params)
|
2151
|
+
req.send_request(options)
|
2152
|
+
end
|
2153
|
+
|
1961
2154
|
# Lists the specified log groups. You can list all your log groups or
|
1962
2155
|
# filter the results by prefix. The results are ASCII-sorted by log
|
1963
2156
|
# group name.
|
@@ -2260,6 +2453,7 @@ module Aws::CloudWatchLogs
|
|
2260
2453
|
# resp.metric_filters[0].metric_transformations[0].unit #=> String, one of "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None"
|
2261
2454
|
# resp.metric_filters[0].creation_time #=> Integer
|
2262
2455
|
# resp.metric_filters[0].log_group_name #=> String
|
2456
|
+
# resp.metric_filters[0].apply_on_transformed_logs #=> Boolean
|
2263
2457
|
# resp.next_token #=> String
|
2264
2458
|
#
|
2265
2459
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters AWS API Documentation
|
@@ -2461,6 +2655,7 @@ module Aws::CloudWatchLogs
|
|
2461
2655
|
# resp.subscription_filters[0].destination_arn #=> String
|
2462
2656
|
# resp.subscription_filters[0].role_arn #=> String
|
2463
2657
|
# resp.subscription_filters[0].distribution #=> String, one of "Random", "ByLogStream"
|
2658
|
+
# resp.subscription_filters[0].apply_on_transformed_logs #=> Boolean
|
2464
2659
|
# resp.subscription_filters[0].creation_time #=> Integer
|
2465
2660
|
# resp.next_token #=> String
|
2466
2661
|
#
|
@@ -3255,7 +3450,10 @@ module Aws::CloudWatchLogs
|
|
3255
3450
|
# resp.results[0][0].value #=> String
|
3256
3451
|
# resp.statistics.records_matched #=> Float
|
3257
3452
|
# resp.statistics.records_scanned #=> Float
|
3453
|
+
# resp.statistics.estimated_records_skipped #=> Float
|
3258
3454
|
# resp.statistics.bytes_scanned #=> Float
|
3455
|
+
# resp.statistics.estimated_bytes_skipped #=> Float
|
3456
|
+
# resp.statistics.log_groups_scanned #=> Float
|
3259
3457
|
# resp.status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled", "Timeout", "Unknown"
|
3260
3458
|
# resp.encryption_key #=> String
|
3261
3459
|
#
|
@@ -3268,6 +3466,120 @@ module Aws::CloudWatchLogs
|
|
3268
3466
|
req.send_request(options)
|
3269
3467
|
end
|
3270
3468
|
|
3469
|
+
# Returns the information about the log transformer associated with this
|
3470
|
+
# log group.
|
3471
|
+
#
|
3472
|
+
# This operation returns data only for transformers created at the log
|
3473
|
+
# group level. To get information for an account-level transformer, use
|
3474
|
+
# [DescribeAccountPolicies][1].
|
3475
|
+
#
|
3476
|
+
#
|
3477
|
+
#
|
3478
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html
|
3479
|
+
#
|
3480
|
+
# @option params [required, String] :log_group_identifier
|
3481
|
+
# Specify either the name or ARN of the log group to return transformer
|
3482
|
+
# information for. If the log group is in a source account and you are
|
3483
|
+
# using a monitoring account, you must use the log group ARN.
|
3484
|
+
#
|
3485
|
+
# @return [Types::GetTransformerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3486
|
+
#
|
3487
|
+
# * {Types::GetTransformerResponse#log_group_identifier #log_group_identifier} => String
|
3488
|
+
# * {Types::GetTransformerResponse#creation_time #creation_time} => Integer
|
3489
|
+
# * {Types::GetTransformerResponse#last_modified_time #last_modified_time} => Integer
|
3490
|
+
# * {Types::GetTransformerResponse#transformer_config #transformer_config} => Array<Types::Processor>
|
3491
|
+
#
|
3492
|
+
# @example Request syntax with placeholder values
|
3493
|
+
#
|
3494
|
+
# resp = client.get_transformer({
|
3495
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
3496
|
+
# })
|
3497
|
+
#
|
3498
|
+
# @example Response structure
|
3499
|
+
#
|
3500
|
+
# resp.log_group_identifier #=> String
|
3501
|
+
# resp.creation_time #=> Integer
|
3502
|
+
# resp.last_modified_time #=> Integer
|
3503
|
+
# resp.transformer_config #=> Array
|
3504
|
+
# resp.transformer_config[0].add_keys.entries #=> Array
|
3505
|
+
# resp.transformer_config[0].add_keys.entries[0].key #=> String
|
3506
|
+
# resp.transformer_config[0].add_keys.entries[0].value #=> String
|
3507
|
+
# resp.transformer_config[0].add_keys.entries[0].overwrite_if_exists #=> Boolean
|
3508
|
+
# resp.transformer_config[0].copy_value.entries #=> Array
|
3509
|
+
# resp.transformer_config[0].copy_value.entries[0].source #=> String
|
3510
|
+
# resp.transformer_config[0].copy_value.entries[0].target #=> String
|
3511
|
+
# resp.transformer_config[0].copy_value.entries[0].overwrite_if_exists #=> Boolean
|
3512
|
+
# resp.transformer_config[0].csv.quote_character #=> String
|
3513
|
+
# resp.transformer_config[0].csv.delimiter #=> String
|
3514
|
+
# resp.transformer_config[0].csv.columns #=> Array
|
3515
|
+
# resp.transformer_config[0].csv.columns[0] #=> String
|
3516
|
+
# resp.transformer_config[0].csv.source #=> String
|
3517
|
+
# resp.transformer_config[0].date_time_converter.source #=> String
|
3518
|
+
# resp.transformer_config[0].date_time_converter.target #=> String
|
3519
|
+
# resp.transformer_config[0].date_time_converter.target_format #=> String
|
3520
|
+
# resp.transformer_config[0].date_time_converter.match_patterns #=> Array
|
3521
|
+
# resp.transformer_config[0].date_time_converter.match_patterns[0] #=> String
|
3522
|
+
# resp.transformer_config[0].date_time_converter.source_timezone #=> String
|
3523
|
+
# resp.transformer_config[0].date_time_converter.target_timezone #=> String
|
3524
|
+
# resp.transformer_config[0].date_time_converter.locale #=> String
|
3525
|
+
# resp.transformer_config[0].delete_keys.with_keys #=> Array
|
3526
|
+
# resp.transformer_config[0].delete_keys.with_keys[0] #=> String
|
3527
|
+
# resp.transformer_config[0].grok.source #=> String
|
3528
|
+
# resp.transformer_config[0].grok.match #=> String
|
3529
|
+
# resp.transformer_config[0].list_to_map.source #=> String
|
3530
|
+
# resp.transformer_config[0].list_to_map.key #=> String
|
3531
|
+
# resp.transformer_config[0].list_to_map.value_key #=> String
|
3532
|
+
# resp.transformer_config[0].list_to_map.target #=> String
|
3533
|
+
# resp.transformer_config[0].list_to_map.flatten #=> Boolean
|
3534
|
+
# resp.transformer_config[0].list_to_map.flattened_element #=> String, one of "first", "last"
|
3535
|
+
# resp.transformer_config[0].lower_case_string.with_keys #=> Array
|
3536
|
+
# resp.transformer_config[0].lower_case_string.with_keys[0] #=> String
|
3537
|
+
# resp.transformer_config[0].move_keys.entries #=> Array
|
3538
|
+
# resp.transformer_config[0].move_keys.entries[0].source #=> String
|
3539
|
+
# resp.transformer_config[0].move_keys.entries[0].target #=> String
|
3540
|
+
# resp.transformer_config[0].move_keys.entries[0].overwrite_if_exists #=> Boolean
|
3541
|
+
# resp.transformer_config[0].parse_cloudfront.source #=> String
|
3542
|
+
# resp.transformer_config[0].parse_json.source #=> String
|
3543
|
+
# resp.transformer_config[0].parse_json.destination #=> String
|
3544
|
+
# resp.transformer_config[0].parse_key_value.source #=> String
|
3545
|
+
# resp.transformer_config[0].parse_key_value.destination #=> String
|
3546
|
+
# resp.transformer_config[0].parse_key_value.field_delimiter #=> String
|
3547
|
+
# resp.transformer_config[0].parse_key_value.key_value_delimiter #=> String
|
3548
|
+
# resp.transformer_config[0].parse_key_value.key_prefix #=> String
|
3549
|
+
# resp.transformer_config[0].parse_key_value.non_match_value #=> String
|
3550
|
+
# resp.transformer_config[0].parse_key_value.overwrite_if_exists #=> Boolean
|
3551
|
+
# resp.transformer_config[0].parse_route_53.source #=> String
|
3552
|
+
# resp.transformer_config[0].parse_postgres.source #=> String
|
3553
|
+
# resp.transformer_config[0].parse_vpc.source #=> String
|
3554
|
+
# resp.transformer_config[0].parse_waf.source #=> String
|
3555
|
+
# resp.transformer_config[0].rename_keys.entries #=> Array
|
3556
|
+
# resp.transformer_config[0].rename_keys.entries[0].key #=> String
|
3557
|
+
# resp.transformer_config[0].rename_keys.entries[0].rename_to #=> String
|
3558
|
+
# resp.transformer_config[0].rename_keys.entries[0].overwrite_if_exists #=> Boolean
|
3559
|
+
# resp.transformer_config[0].split_string.entries #=> Array
|
3560
|
+
# resp.transformer_config[0].split_string.entries[0].source #=> String
|
3561
|
+
# resp.transformer_config[0].split_string.entries[0].delimiter #=> String
|
3562
|
+
# resp.transformer_config[0].substitute_string.entries #=> Array
|
3563
|
+
# resp.transformer_config[0].substitute_string.entries[0].source #=> String
|
3564
|
+
# resp.transformer_config[0].substitute_string.entries[0].from #=> String
|
3565
|
+
# resp.transformer_config[0].substitute_string.entries[0].to #=> String
|
3566
|
+
# resp.transformer_config[0].trim_string.with_keys #=> Array
|
3567
|
+
# resp.transformer_config[0].trim_string.with_keys[0] #=> String
|
3568
|
+
# resp.transformer_config[0].type_converter.entries #=> Array
|
3569
|
+
# resp.transformer_config[0].type_converter.entries[0].key #=> String
|
3570
|
+
# resp.transformer_config[0].type_converter.entries[0].type #=> String, one of "boolean", "integer", "double", "string"
|
3571
|
+
# resp.transformer_config[0].upper_case_string.with_keys #=> Array
|
3572
|
+
# resp.transformer_config[0].upper_case_string.with_keys[0] #=> String
|
3573
|
+
#
|
3574
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetTransformer AWS API Documentation
|
3575
|
+
#
|
3576
|
+
# @overload get_transformer(params = {})
|
3577
|
+
# @param [Hash] params ({})
|
3578
|
+
def get_transformer(params = {}, options = {})
|
3579
|
+
req = build_request(:get_transformer, params)
|
3580
|
+
req.send_request(options)
|
3581
|
+
end
|
3582
|
+
|
3271
3583
|
# Returns a list of anomalies that log anomaly detectors have found. For
|
3272
3584
|
# details about the structure format of each anomaly object that is
|
3273
3585
|
# returned, see the example in this section.
|
@@ -3401,6 +3713,63 @@ module Aws::CloudWatchLogs
|
|
3401
3713
|
req.send_request(options)
|
3402
3714
|
end
|
3403
3715
|
|
3716
|
+
# Returns a list of the log groups that were analyzed during a single
|
3717
|
+
# CloudWatch Logs Insights query. This can be useful for queries that
|
3718
|
+
# use log group name prefixes or the `filterIndex` command, because the
|
3719
|
+
# log groups are dynamically selected in these cases.
|
3720
|
+
#
|
3721
|
+
# For more information about field indexes, see [Create field indexes to
|
3722
|
+
# improve query performance and reduce costs][1].
|
3723
|
+
#
|
3724
|
+
#
|
3725
|
+
#
|
3726
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
3727
|
+
#
|
3728
|
+
# @option params [required, String] :query_id
|
3729
|
+
# The ID of the query to use. This query ID is from the response to your
|
3730
|
+
# [StartQuery][1] operation.
|
3731
|
+
#
|
3732
|
+
#
|
3733
|
+
#
|
3734
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html
|
3735
|
+
#
|
3736
|
+
# @option params [String] :next_token
|
3737
|
+
# The token for the next set of items to return. The token expires after
|
3738
|
+
# 24 hours.
|
3739
|
+
#
|
3740
|
+
# @option params [Integer] :max_results
|
3741
|
+
# Limits the number of returned log groups to the specified number.
|
3742
|
+
#
|
3743
|
+
# @return [Types::ListLogGroupsForQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3744
|
+
#
|
3745
|
+
# * {Types::ListLogGroupsForQueryResponse#log_group_identifiers #log_group_identifiers} => Array<String>
|
3746
|
+
# * {Types::ListLogGroupsForQueryResponse#next_token #next_token} => String
|
3747
|
+
#
|
3748
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
3749
|
+
#
|
3750
|
+
# @example Request syntax with placeholder values
|
3751
|
+
#
|
3752
|
+
# resp = client.list_log_groups_for_query({
|
3753
|
+
# query_id: "QueryId", # required
|
3754
|
+
# next_token: "NextToken",
|
3755
|
+
# max_results: 1,
|
3756
|
+
# })
|
3757
|
+
#
|
3758
|
+
# @example Response structure
|
3759
|
+
#
|
3760
|
+
# resp.log_group_identifiers #=> Array
|
3761
|
+
# resp.log_group_identifiers[0] #=> String
|
3762
|
+
# resp.next_token #=> String
|
3763
|
+
#
|
3764
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListLogGroupsForQuery AWS API Documentation
|
3765
|
+
#
|
3766
|
+
# @overload list_log_groups_for_query(params = {})
|
3767
|
+
# @param [Hash] params ({})
|
3768
|
+
def list_log_groups_for_query(params = {}, options = {})
|
3769
|
+
req = build_request(:list_log_groups_for_query, params)
|
3770
|
+
req.send_request(options)
|
3771
|
+
end
|
3772
|
+
|
3404
3773
|
# Displays the tags associated with a CloudWatch Logs resource.
|
3405
3774
|
# Currently, log groups and destinations support tagging.
|
3406
3775
|
#
|
@@ -3480,9 +3849,9 @@ module Aws::CloudWatchLogs
|
|
3480
3849
|
req.send_request(options)
|
3481
3850
|
end
|
3482
3851
|
|
3483
|
-
# Creates an account-level data protection policy
|
3484
|
-
# policy that applies to all log groups or a
|
3485
|
-
# account.
|
3852
|
+
# Creates an account-level data protection policy, subscription filter
|
3853
|
+
# policy, or field index policy that applies to all log groups or a
|
3854
|
+
# subset of log groups in the account.
|
3486
3855
|
#
|
3487
3856
|
# **Data protection policy**
|
3488
3857
|
#
|
@@ -3555,6 +3924,102 @@ module Aws::CloudWatchLogs
|
|
3555
3924
|
# subscription filter operation for any destination except a Lambda
|
3556
3925
|
# function, you must also have the `iam:PassRole` permission.
|
3557
3926
|
#
|
3927
|
+
# **Transformer policy**
|
3928
|
+
#
|
3929
|
+
# Creates or updates a *log transformer policy* for your account. You
|
3930
|
+
# use log transformers to transform log events into a different format,
|
3931
|
+
# making them easier for you to process and analyze. You can also
|
3932
|
+
# transform logs from different sources into standardized formats that
|
3933
|
+
# contain relevant, source-specific information. After you have created
|
3934
|
+
# a transformer, CloudWatch Logs performs this transformation at the
|
3935
|
+
# time of log ingestion. You can then refer to the transformed versions
|
3936
|
+
# of the logs during operations such as querying with CloudWatch Logs
|
3937
|
+
# Insights or creating metric filters or subscription filters.
|
3938
|
+
#
|
3939
|
+
# You can also use a transformer to copy metadata from metadata keys
|
3940
|
+
# into the log events themselves. This metadata can include log group
|
3941
|
+
# name, log stream name, account ID and Region.
|
3942
|
+
#
|
3943
|
+
# A transformer for a log group is a series of processors, where each
|
3944
|
+
# processor applies one type of transformation to the log events
|
3945
|
+
# ingested into this log group. For more information about the available
|
3946
|
+
# processors to use in a transformer, see [ Processors that you can
|
3947
|
+
# use][6].
|
3948
|
+
#
|
3949
|
+
# Having log events in standardized format enables visibility across
|
3950
|
+
# your applications for your log analysis, reporting, and alarming
|
3951
|
+
# needs. CloudWatch Logs provides transformation for common log types
|
3952
|
+
# with out-of-the-box transformation templates for major Amazon Web
|
3953
|
+
# Services log sources such as VPC flow logs, Lambda, and Amazon RDS.
|
3954
|
+
# You can use pre-built transformation templates or create custom
|
3955
|
+
# transformation policies.
|
3956
|
+
#
|
3957
|
+
# You can create transformers only for the log groups in the Standard
|
3958
|
+
# log class.
|
3959
|
+
#
|
3960
|
+
# You can have one account-level transformer policy that applies to all
|
3961
|
+
# log groups in the account. Or you can create as many as 20
|
3962
|
+
# account-level transformer policies that are each scoped to a subset of
|
3963
|
+
# log groups with the `selectionCriteria` parameter. If you have
|
3964
|
+
# multiple account-level transformer policies with selection criteria,
|
3965
|
+
# no two of them can use the same or overlapping log group name
|
3966
|
+
# prefixes. For example, if you have one policy filtered to log groups
|
3967
|
+
# that start with `my-log`, you can't have another field index policy
|
3968
|
+
# filtered to `my-logpprod` or `my-logging`.
|
3969
|
+
#
|
3970
|
+
# You can also set up a transformer at the log-group level. For more
|
3971
|
+
# information, see [PutTransformer][7]. If there is both a log-group
|
3972
|
+
# level transformer created with `PutTransformer` and an account-level
|
3973
|
+
# transformer that could apply to the same log group, the log group uses
|
3974
|
+
# only the log-group level transformer. It ignores the account-level
|
3975
|
+
# transformer.
|
3976
|
+
#
|
3977
|
+
# **Field index policy**
|
3978
|
+
#
|
3979
|
+
# You can use field index policies to create indexes on fields found in
|
3980
|
+
# log events in the log group. Creating field indexes can help lower the
|
3981
|
+
# scan volume for CloudWatch Logs Insights queries that reference those
|
3982
|
+
# fields, because these queries attempt to skip the processing of log
|
3983
|
+
# events that are known to not match the indexed field. Good fields to
|
3984
|
+
# index are fields that you often need to query for and fields or values
|
3985
|
+
# that match only a small fraction of the total log events. Common
|
3986
|
+
# examples of indexes include request ID, session ID, user IDs, or
|
3987
|
+
# instance IDs. For more information, see [Create field indexes to
|
3988
|
+
# improve query performance and reduce costs][8]
|
3989
|
+
#
|
3990
|
+
# To find the fields that are in your log group events, use the
|
3991
|
+
# [GetLogGroupFields][9] operation.
|
3992
|
+
#
|
3993
|
+
# For example, suppose you have created a field index for `requestId`.
|
3994
|
+
# Then, any CloudWatch Logs Insights query on that log group that
|
3995
|
+
# includes `requestId = value ` or `requestId in [value, value, ...]`
|
3996
|
+
# will attempt to process only the log events where the indexed field
|
3997
|
+
# matches the specified value.
|
3998
|
+
#
|
3999
|
+
# Matches of log events to the names of indexed fields are
|
4000
|
+
# case-sensitive. For example, an indexed field of `RequestId` won't
|
4001
|
+
# match a log event containing `requestId`.
|
4002
|
+
#
|
4003
|
+
# You can have one account-level field index policy that applies to all
|
4004
|
+
# log groups in the account. Or you can create as many as 20
|
4005
|
+
# account-level field index policies that are each scoped to a subset of
|
4006
|
+
# log groups with the `selectionCriteria` parameter. If you have
|
4007
|
+
# multiple account-level index policies with selection criteria, no two
|
4008
|
+
# of them can use the same or overlapping log group name prefixes. For
|
4009
|
+
# example, if you have one policy filtered to log groups that start with
|
4010
|
+
# `my-log`, you can't have another field index policy filtered to
|
4011
|
+
# `my-logpprod` or `my-logging`.
|
4012
|
+
#
|
4013
|
+
# If you create an account-level field index policy in a monitoring
|
4014
|
+
# account in cross-account observability, the policy is applied only to
|
4015
|
+
# the monitoring account and not to any source accounts.
|
4016
|
+
#
|
4017
|
+
# If you want to create a field index policy for a single log group, you
|
4018
|
+
# can use [PutIndexPolicy][10] instead of `PutAccountPolicy`. If you do
|
4019
|
+
# so, that log group will use only that log-group level policy, and will
|
4020
|
+
# ignore the account-level policy that you create with
|
4021
|
+
# [PutAccountPolicy][11].
|
4022
|
+
#
|
3558
4023
|
#
|
3559
4024
|
#
|
3560
4025
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html
|
@@ -3562,6 +4027,12 @@ module Aws::CloudWatchLogs
|
|
3562
4027
|
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html
|
3563
4028
|
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html
|
3564
4029
|
# [5]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html
|
4030
|
+
# [6]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
4031
|
+
# [7]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
4032
|
+
# [8]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
4033
|
+
# [9]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html
|
4034
|
+
# [10]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
4035
|
+
# [11]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
3565
4036
|
#
|
3566
4037
|
# @option params [required, String] :policy_name
|
3567
4038
|
# A name for the policy. This must be unique within the account.
|
@@ -3629,7 +4100,6 @@ module Aws::CloudWatchLogs
|
|
3629
4100
|
# * A logical destination in a different account created with
|
3630
4101
|
# [PutDestination][2], for cross-account delivery. Kinesis Data
|
3631
4102
|
# Streams and Firehose are supported as logical destinations.
|
3632
|
-
#
|
3633
4103
|
# * **RoleArn** The ARN of an IAM role that grants CloudWatch Logs
|
3634
4104
|
# permissions to deliver ingested log events to the destination
|
3635
4105
|
# stream. You don't need to provide the ARN when you are working with
|
@@ -3644,10 +4114,34 @@ module Aws::CloudWatchLogs
|
|
3644
4114
|
# property is only applicable when the destination is an Kinesis Data
|
3645
4115
|
# Streams data stream.
|
3646
4116
|
#
|
4117
|
+
# **Transformer policy**
|
4118
|
+
#
|
4119
|
+
# A transformer policy must include one JSON block with the array of
|
4120
|
+
# processors and their configurations. For more information about
|
4121
|
+
# available processors, see [ Processors that you can use][3].
|
4122
|
+
#
|
4123
|
+
# **Field index policy**
|
4124
|
+
#
|
4125
|
+
# A field index filter policy can include the following attribute in a
|
4126
|
+
# JSON block:
|
4127
|
+
#
|
4128
|
+
# * **Fields** The array of field indexes to create.
|
4129
|
+
#
|
4130
|
+
# ^
|
4131
|
+
#
|
4132
|
+
# It must contain at least one field index.
|
4133
|
+
#
|
4134
|
+
# The following is an example of an index policy document that creates
|
4135
|
+
# two indexes, `RequestId` and `TransactionId`.
|
4136
|
+
#
|
4137
|
+
# `"policyDocument": "{ "Fields": [ "RequestId", "TransactionId" ]
|
4138
|
+
# }"`
|
4139
|
+
#
|
3647
4140
|
#
|
3648
4141
|
#
|
3649
4142
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html
|
3650
4143
|
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html
|
4144
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
3651
4145
|
#
|
3652
4146
|
# @option params [required, String] :policy_type
|
3653
4147
|
# The type of policy that you're creating or updating.
|
@@ -3658,17 +4152,25 @@ module Aws::CloudWatchLogs
|
|
3658
4152
|
# the account. If you omit this parameter, the default of `ALL` is used.
|
3659
4153
|
#
|
3660
4154
|
# @option params [String] :selection_criteria
|
3661
|
-
# Use this parameter to apply the
|
3662
|
-
#
|
3663
|
-
# `LogGroupName NOT IN []`. The `selectionCriteria` string can be up to
|
3664
|
-
# 25KB in length. The length is determined by using its UTF-8 bytes.
|
4155
|
+
# Use this parameter to apply the new policy to a subset of log groups
|
4156
|
+
# in the account.
|
3665
4157
|
#
|
3666
|
-
#
|
3667
|
-
#
|
3668
|
-
#
|
4158
|
+
# Specifing `selectionCriteria` is valid only when you specify
|
4159
|
+
# `SUBSCRIPTION_FILTER_POLICY`, `FIELD_INDEX_POLICY` or
|
4160
|
+
# `TRANSFORMER_POLICY`for `policyType`.
|
3669
4161
|
#
|
3670
|
-
#
|
3671
|
-
#
|
4162
|
+
# If `policyType` is `SUBSCRIPTION_FILTER_POLICY`, the only supported
|
4163
|
+
# `selectionCriteria` filter is `LogGroupName NOT IN []`
|
4164
|
+
#
|
4165
|
+
# If `policyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY`, the
|
4166
|
+
# only supported `selectionCriteria` filter is `LogGroupNamePrefix`
|
4167
|
+
#
|
4168
|
+
# The `selectionCriteria` string can be up to 25KB in length. The length
|
4169
|
+
# is determined by using its UTF-8 bytes.
|
4170
|
+
#
|
4171
|
+
# Using the `selectionCriteria` parameter with
|
4172
|
+
# `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops.
|
4173
|
+
# For more information, see [Log recursion prevention][1].
|
3672
4174
|
#
|
3673
4175
|
#
|
3674
4176
|
#
|
@@ -3683,7 +4185,7 @@ module Aws::CloudWatchLogs
|
|
3683
4185
|
# resp = client.put_account_policy({
|
3684
4186
|
# policy_name: "PolicyName", # required
|
3685
4187
|
# policy_document: "AccountPolicyDocument", # required
|
3686
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
4188
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
3687
4189
|
# scope: "ALL", # accepts ALL
|
3688
4190
|
# selection_criteria: "SelectionCriteria",
|
3689
4191
|
# })
|
@@ -3693,7 +4195,7 @@ module Aws::CloudWatchLogs
|
|
3693
4195
|
# resp.account_policy.policy_name #=> String
|
3694
4196
|
# resp.account_policy.policy_document #=> String
|
3695
4197
|
# resp.account_policy.last_updated_time #=> Integer
|
3696
|
-
# resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY"
|
4198
|
+
# resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
|
3697
4199
|
# resp.account_policy.scope #=> String, one of "ALL"
|
3698
4200
|
# resp.account_policy.selection_criteria #=> String
|
3699
4201
|
# resp.account_policy.account_id #=> String
|
@@ -4231,6 +4733,104 @@ module Aws::CloudWatchLogs
|
|
4231
4733
|
req.send_request(options)
|
4232
4734
|
end
|
4233
4735
|
|
4736
|
+
# Creates or updates a *field index policy* for the specified log group.
|
4737
|
+
# Only log groups in the Standard log class support field index
|
4738
|
+
# policies. For more information about log classes, see [Log
|
4739
|
+
# classes][1].
|
4740
|
+
#
|
4741
|
+
# You can use field index policies to create *field indexes* on fields
|
4742
|
+
# found in log events in the log group. Creating field indexes speeds up
|
4743
|
+
# and lowers the costs for CloudWatch Logs Insights queries that
|
4744
|
+
# reference those field indexes, because these queries attempt to skip
|
4745
|
+
# the processing of log events that are known to not match the indexed
|
4746
|
+
# field. Good fields to index are fields that you often need to query
|
4747
|
+
# for and fields or values that match only a small fraction of the total
|
4748
|
+
# log events. Common examples of indexes include request ID, session ID,
|
4749
|
+
# userID, and instance IDs. For more information, see [Create field
|
4750
|
+
# indexes to improve query performance and reduce costs][2].
|
4751
|
+
#
|
4752
|
+
# To find the fields that are in your log group events, use the
|
4753
|
+
# [GetLogGroupFields][3] operation.
|
4754
|
+
#
|
4755
|
+
# For example, suppose you have created a field index for `requestId`.
|
4756
|
+
# Then, any CloudWatch Logs Insights query on that log group that
|
4757
|
+
# includes `requestId = value ` or `requestId IN [value, value, ...]`
|
4758
|
+
# will process fewer log events to reduce costs, and have improved
|
4759
|
+
# performance.
|
4760
|
+
#
|
4761
|
+
# Each index policy has the following quotas and restrictions:
|
4762
|
+
#
|
4763
|
+
# * As many as 20 fields can be included in the policy.
|
4764
|
+
#
|
4765
|
+
# * Each field name can include as many as 100 characters.
|
4766
|
+
#
|
4767
|
+
# Matches of log events to the names of indexed fields are
|
4768
|
+
# case-sensitive. For example, a field index of `RequestId` won't match
|
4769
|
+
# a log event containing `requestId`.
|
4770
|
+
#
|
4771
|
+
# Log group-level field index policies created with `PutIndexPolicy`
|
4772
|
+
# override account-level field index policies created with
|
4773
|
+
# [PutAccountPolicy][4]. If you use `PutIndexPolicy` to create a field
|
4774
|
+
# index policy for a log group, that log group uses only that policy.
|
4775
|
+
# The log group ignores any account-wide field index policy that you
|
4776
|
+
# might have created.
|
4777
|
+
#
|
4778
|
+
#
|
4779
|
+
#
|
4780
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html
|
4781
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
4782
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html
|
4783
|
+
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
4784
|
+
#
|
4785
|
+
# @option params [required, String] :log_group_identifier
|
4786
|
+
# Specify either the log group name or log group ARN to apply this field
|
4787
|
+
# index policy to. If you specify an ARN, use the format
|
4788
|
+
# arn:aws:logs:*region*:*account-id*:log-group:*log\_group\_name* Don't
|
4789
|
+
# include an * at the end.
|
4790
|
+
#
|
4791
|
+
# @option params [required, String] :policy_document
|
4792
|
+
# The index policy document, in JSON format. The following is an example
|
4793
|
+
# of an index policy document that creates two indexes, `RequestId` and
|
4794
|
+
# `TransactionId`.
|
4795
|
+
#
|
4796
|
+
# `"policyDocument": "{ "Fields": [ "RequestId", "TransactionId" ] }"`
|
4797
|
+
#
|
4798
|
+
# The policy document must include at least one field index. For more
|
4799
|
+
# information about the fields that can be included and other
|
4800
|
+
# restrictions, see [Field index syntax and quotas][1].
|
4801
|
+
#
|
4802
|
+
#
|
4803
|
+
#
|
4804
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing-Syntax.html
|
4805
|
+
#
|
4806
|
+
# @return [Types::PutIndexPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
4807
|
+
#
|
4808
|
+
# * {Types::PutIndexPolicyResponse#index_policy #index_policy} => Types::IndexPolicy
|
4809
|
+
#
|
4810
|
+
# @example Request syntax with placeholder values
|
4811
|
+
#
|
4812
|
+
# resp = client.put_index_policy({
|
4813
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
4814
|
+
# policy_document: "PolicyDocument", # required
|
4815
|
+
# })
|
4816
|
+
#
|
4817
|
+
# @example Response structure
|
4818
|
+
#
|
4819
|
+
# resp.index_policy.log_group_identifier #=> String
|
4820
|
+
# resp.index_policy.last_update_time #=> Integer
|
4821
|
+
# resp.index_policy.policy_document #=> String
|
4822
|
+
# resp.index_policy.policy_name #=> String
|
4823
|
+
# resp.index_policy.source #=> String, one of "ACCOUNT", "LOG_GROUP"
|
4824
|
+
#
|
4825
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutIndexPolicy AWS API Documentation
|
4826
|
+
#
|
4827
|
+
# @overload put_index_policy(params = {})
|
4828
|
+
# @param [Hash] params ({})
|
4829
|
+
def put_index_policy(params = {}, options = {})
|
4830
|
+
req = build_request(:put_index_policy, params)
|
4831
|
+
req.send_request(options)
|
4832
|
+
end
|
4833
|
+
|
4234
4834
|
# Uploads a batch of log events to the specified log stream.
|
4235
4835
|
#
|
4236
4836
|
# The sequence token is now ignored in `PutLogEvents` actions.
|
@@ -4294,7 +4894,7 @@ module Aws::CloudWatchLogs
|
|
4294
4894
|
# if the sequence token is not valid.
|
4295
4895
|
#
|
4296
4896
|
# @option params [Types::Entity] :entity
|
4297
|
-
#
|
4897
|
+
# The entity associated with the log events.
|
4298
4898
|
#
|
4299
4899
|
# @return [Types::PutLogEventsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
4300
4900
|
#
|
@@ -4350,12 +4950,12 @@ module Aws::CloudWatchLogs
|
|
4350
4950
|
# group is 100.
|
4351
4951
|
#
|
4352
4952
|
# Using regular expressions to create metric filters is supported. For
|
4353
|
-
# these filters, there is a
|
4354
|
-
#
|
4355
|
-
#
|
4356
|
-
#
|
4357
|
-
#
|
4358
|
-
#
|
4953
|
+
# these filters, there is a quota of two regular expression patterns
|
4954
|
+
# within a single filter pattern. There is also a quota of five regular
|
4955
|
+
# expression patterns per log group. For more information about using
|
4956
|
+
# regular expressions in metric filters, see [ Filter pattern syntax for
|
4957
|
+
# metric filters, subscription filters, filter log events, and Live
|
4958
|
+
# Tail][2].
|
4359
4959
|
#
|
4360
4960
|
# When you create a metric filter, you can also optionally assign a unit
|
4361
4961
|
# and dimensions to the metric that is created.
|
@@ -4393,6 +4993,20 @@ module Aws::CloudWatchLogs
|
|
4393
4993
|
# @option params [required, Array<Types::MetricTransformation>] :metric_transformations
|
4394
4994
|
# A collection of information that defines how metric data gets emitted.
|
4395
4995
|
#
|
4996
|
+
# @option params [Boolean] :apply_on_transformed_logs
|
4997
|
+
# This parameter is valid only for log groups that have an active log
|
4998
|
+
# transformer. For more information about log transformers, see
|
4999
|
+
# [PutTransformer][1].
|
5000
|
+
#
|
5001
|
+
# If the log group uses either a log-group level or account-level
|
5002
|
+
# transformer, and you specify `true`, the metric filter will be applied
|
5003
|
+
# on the transformed version of the log events instead of the original
|
5004
|
+
# ingested log events.
|
5005
|
+
#
|
5006
|
+
#
|
5007
|
+
#
|
5008
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
5009
|
+
#
|
4396
5010
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4397
5011
|
#
|
4398
5012
|
# @example Request syntax with placeholder values
|
@@ -4413,6 +5027,7 @@ module Aws::CloudWatchLogs
|
|
4413
5027
|
# unit: "Seconds", # accepts Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, None
|
4414
5028
|
# },
|
4415
5029
|
# ],
|
5030
|
+
# apply_on_transformed_logs: false,
|
4416
5031
|
# })
|
4417
5032
|
#
|
4418
5033
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter AWS API Documentation
|
@@ -4741,6 +5356,20 @@ module Aws::CloudWatchLogs
|
|
4741
5356
|
# random for a more even distribution. This property is only applicable
|
4742
5357
|
# when the destination is an Amazon Kinesis data stream.
|
4743
5358
|
#
|
5359
|
+
# @option params [Boolean] :apply_on_transformed_logs
|
5360
|
+
# This parameter is valid only for log groups that have an active log
|
5361
|
+
# transformer. For more information about log transformers, see
|
5362
|
+
# [PutTransformer][1].
|
5363
|
+
#
|
5364
|
+
# If the log group uses either a log-group level or account-level
|
5365
|
+
# transformer, and you specify `true`, the subscription filter will be
|
5366
|
+
# applied on the transformed version of the log events instead of the
|
5367
|
+
# original ingested log events.
|
5368
|
+
#
|
5369
|
+
#
|
5370
|
+
#
|
5371
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
5372
|
+
#
|
4744
5373
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4745
5374
|
#
|
4746
5375
|
# @example Request syntax with placeholder values
|
@@ -4752,6 +5381,7 @@ module Aws::CloudWatchLogs
|
|
4752
5381
|
# destination_arn: "DestinationArn", # required
|
4753
5382
|
# role_arn: "RoleArn",
|
4754
5383
|
# distribution: "Random", # accepts Random, ByLogStream
|
5384
|
+
# apply_on_transformed_logs: false,
|
4755
5385
|
# })
|
4756
5386
|
#
|
4757
5387
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter AWS API Documentation
|
@@ -4763,6 +5393,211 @@ module Aws::CloudWatchLogs
|
|
4763
5393
|
req.send_request(options)
|
4764
5394
|
end
|
4765
5395
|
|
5396
|
+
# Creates or updates a *log transformer* for a single log group. You use
|
5397
|
+
# log transformers to transform log events into a different format,
|
5398
|
+
# making them easier for you to process and analyze. You can also
|
5399
|
+
# transform logs from different sources into standardized formats that
|
5400
|
+
# contains relevant, source-specific information.
|
5401
|
+
#
|
5402
|
+
# After you have created a transformer, CloudWatch Logs performs the
|
5403
|
+
# transformations at the time of log ingestion. You can then refer to
|
5404
|
+
# the transformed versions of the logs during operations such as
|
5405
|
+
# querying with CloudWatch Logs Insights or creating metric filters or
|
5406
|
+
# subscription filers.
|
5407
|
+
#
|
5408
|
+
# You can also use a transformer to copy metadata from metadata keys
|
5409
|
+
# into the log events themselves. This metadata can include log group
|
5410
|
+
# name, log stream name, account ID and Region.
|
5411
|
+
#
|
5412
|
+
# A transformer for a log group is a series of processors, where each
|
5413
|
+
# processor applies one type of transformation to the log events
|
5414
|
+
# ingested into this log group. The processors work one after another,
|
5415
|
+
# in the order that you list them, like a pipeline. For more information
|
5416
|
+
# about the available processors to use in a transformer, see [
|
5417
|
+
# Processors that you can use][1].
|
5418
|
+
#
|
5419
|
+
# Having log events in standardized format enables visibility across
|
5420
|
+
# your applications for your log analysis, reporting, and alarming
|
5421
|
+
# needs. CloudWatch Logs provides transformation for common log types
|
5422
|
+
# with out-of-the-box transformation templates for major Amazon Web
|
5423
|
+
# Services log sources such as VPC flow logs, Lambda, and Amazon RDS.
|
5424
|
+
# You can use pre-built transformation templates or create custom
|
5425
|
+
# transformation policies.
|
5426
|
+
#
|
5427
|
+
# You can create transformers only for the log groups in the Standard
|
5428
|
+
# log class.
|
5429
|
+
#
|
5430
|
+
# You can also set up a transformer at the account level. For more
|
5431
|
+
# information, see [PutAccountPolicy][2]. If there is both a log-group
|
5432
|
+
# level transformer created with `PutTransformer` and an account-level
|
5433
|
+
# transformer that could apply to the same log group, the log group uses
|
5434
|
+
# only the log-group level transformer. It ignores the account-level
|
5435
|
+
# transformer.
|
5436
|
+
#
|
5437
|
+
#
|
5438
|
+
#
|
5439
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
5440
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
5441
|
+
#
|
5442
|
+
# @option params [required, String] :log_group_identifier
|
5443
|
+
# Specify either the name or ARN of the log group to create the
|
5444
|
+
# transformer for.
|
5445
|
+
#
|
5446
|
+
# @option params [required, Array<Types::Processor>] :transformer_config
|
5447
|
+
# This structure contains the configuration of this log transformer. A
|
5448
|
+
# log transformer is an array of processors, where each processor
|
5449
|
+
# applies one type of transformation to the log events that are
|
5450
|
+
# ingested.
|
5451
|
+
#
|
5452
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5453
|
+
#
|
5454
|
+
# @example Request syntax with placeholder values
|
5455
|
+
#
|
5456
|
+
# resp = client.put_transformer({
|
5457
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
5458
|
+
# transformer_config: [ # required
|
5459
|
+
# {
|
5460
|
+
# add_keys: {
|
5461
|
+
# entries: [ # required
|
5462
|
+
# {
|
5463
|
+
# key: "Key", # required
|
5464
|
+
# value: "AddKeyValue", # required
|
5465
|
+
# overwrite_if_exists: false,
|
5466
|
+
# },
|
5467
|
+
# ],
|
5468
|
+
# },
|
5469
|
+
# copy_value: {
|
5470
|
+
# entries: [ # required
|
5471
|
+
# {
|
5472
|
+
# source: "Source", # required
|
5473
|
+
# target: "Target", # required
|
5474
|
+
# overwrite_if_exists: false,
|
5475
|
+
# },
|
5476
|
+
# ],
|
5477
|
+
# },
|
5478
|
+
# csv: {
|
5479
|
+
# quote_character: "QuoteCharacter",
|
5480
|
+
# delimiter: "Delimiter",
|
5481
|
+
# columns: ["Column"],
|
5482
|
+
# source: "Source",
|
5483
|
+
# },
|
5484
|
+
# date_time_converter: {
|
5485
|
+
# source: "Source", # required
|
5486
|
+
# target: "Target", # required
|
5487
|
+
# target_format: "TargetFormat",
|
5488
|
+
# match_patterns: ["MatchPattern"], # required
|
5489
|
+
# source_timezone: "SourceTimezone",
|
5490
|
+
# target_timezone: "TargetTimezone",
|
5491
|
+
# locale: "Locale",
|
5492
|
+
# },
|
5493
|
+
# delete_keys: {
|
5494
|
+
# with_keys: ["WithKey"], # required
|
5495
|
+
# },
|
5496
|
+
# grok: {
|
5497
|
+
# source: "Source",
|
5498
|
+
# match: "GrokMatch", # required
|
5499
|
+
# },
|
5500
|
+
# list_to_map: {
|
5501
|
+
# source: "Source", # required
|
5502
|
+
# key: "Key", # required
|
5503
|
+
# value_key: "ValueKey",
|
5504
|
+
# target: "Target",
|
5505
|
+
# flatten: false,
|
5506
|
+
# flattened_element: "first", # accepts first, last
|
5507
|
+
# },
|
5508
|
+
# lower_case_string: {
|
5509
|
+
# with_keys: ["WithKey"], # required
|
5510
|
+
# },
|
5511
|
+
# move_keys: {
|
5512
|
+
# entries: [ # required
|
5513
|
+
# {
|
5514
|
+
# source: "Source", # required
|
5515
|
+
# target: "Target", # required
|
5516
|
+
# overwrite_if_exists: false,
|
5517
|
+
# },
|
5518
|
+
# ],
|
5519
|
+
# },
|
5520
|
+
# parse_cloudfront: {
|
5521
|
+
# source: "Source",
|
5522
|
+
# },
|
5523
|
+
# parse_json: {
|
5524
|
+
# source: "Source",
|
5525
|
+
# destination: "DestinationField",
|
5526
|
+
# },
|
5527
|
+
# parse_key_value: {
|
5528
|
+
# source: "Source",
|
5529
|
+
# destination: "DestinationField",
|
5530
|
+
# field_delimiter: "ParserFieldDelimiter",
|
5531
|
+
# key_value_delimiter: "KeyValueDelimiter",
|
5532
|
+
# key_prefix: "KeyPrefix",
|
5533
|
+
# non_match_value: "NonMatchValue",
|
5534
|
+
# overwrite_if_exists: false,
|
5535
|
+
# },
|
5536
|
+
# parse_route_53: {
|
5537
|
+
# source: "Source",
|
5538
|
+
# },
|
5539
|
+
# parse_postgres: {
|
5540
|
+
# source: "Source",
|
5541
|
+
# },
|
5542
|
+
# parse_vpc: {
|
5543
|
+
# source: "Source",
|
5544
|
+
# },
|
5545
|
+
# parse_waf: {
|
5546
|
+
# source: "Source",
|
5547
|
+
# },
|
5548
|
+
# rename_keys: {
|
5549
|
+
# entries: [ # required
|
5550
|
+
# {
|
5551
|
+
# key: "Key", # required
|
5552
|
+
# rename_to: "RenameTo", # required
|
5553
|
+
# overwrite_if_exists: false,
|
5554
|
+
# },
|
5555
|
+
# ],
|
5556
|
+
# },
|
5557
|
+
# split_string: {
|
5558
|
+
# entries: [ # required
|
5559
|
+
# {
|
5560
|
+
# source: "Source", # required
|
5561
|
+
# delimiter: "Delimiter", # required
|
5562
|
+
# },
|
5563
|
+
# ],
|
5564
|
+
# },
|
5565
|
+
# substitute_string: {
|
5566
|
+
# entries: [ # required
|
5567
|
+
# {
|
5568
|
+
# source: "Source", # required
|
5569
|
+
# from: "FromKey", # required
|
5570
|
+
# to: "ToKey", # required
|
5571
|
+
# },
|
5572
|
+
# ],
|
5573
|
+
# },
|
5574
|
+
# trim_string: {
|
5575
|
+
# with_keys: ["WithKey"], # required
|
5576
|
+
# },
|
5577
|
+
# type_converter: {
|
5578
|
+
# entries: [ # required
|
5579
|
+
# {
|
5580
|
+
# key: "Key", # required
|
5581
|
+
# type: "boolean", # required, accepts boolean, integer, double, string
|
5582
|
+
# },
|
5583
|
+
# ],
|
5584
|
+
# },
|
5585
|
+
# upper_case_string: {
|
5586
|
+
# with_keys: ["WithKey"], # required
|
5587
|
+
# },
|
5588
|
+
# },
|
5589
|
+
# ],
|
5590
|
+
# })
|
5591
|
+
#
|
5592
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutTransformer AWS API Documentation
|
5593
|
+
#
|
5594
|
+
# @overload put_transformer(params = {})
|
5595
|
+
# @param [Hash] params ({})
|
5596
|
+
def put_transformer(params = {}, options = {})
|
5597
|
+
req = build_request(:put_transformer, params)
|
5598
|
+
req.send_request(options)
|
5599
|
+
end
|
5600
|
+
|
4766
5601
|
# Starts a Live Tail streaming session for one or more log groups. A
|
4767
5602
|
# Live Tail session returns a stream of log events that have been
|
4768
5603
|
# recently ingested in the log groups. For more information, see [Use
|
@@ -5050,9 +5885,9 @@ module Aws::CloudWatchLogs
|
|
5050
5885
|
req.send_request(options)
|
5051
5886
|
end
|
5052
5887
|
|
5053
|
-
#
|
5054
|
-
# specify the log
|
5055
|
-
# use.
|
5888
|
+
# Starts a query of one or more log groups using CloudWatch Logs
|
5889
|
+
# Insights. You specify the log groups and time range to query and the
|
5890
|
+
# query string to use.
|
5056
5891
|
#
|
5057
5892
|
# For more information, see [CloudWatch Logs Insights Query Syntax][1].
|
5058
5893
|
#
|
@@ -5060,8 +5895,22 @@ module Aws::CloudWatchLogs
|
|
5060
5895
|
# by CloudWatch Logs. You can use [GetQueryResults][2] to retrieve the
|
5061
5896
|
# results of a query, using the `queryId` that `StartQuery` returns.
|
5062
5897
|
#
|
5898
|
+
# <note markdown="1"> To specify the log groups to query, a `StartQuery` operation must
|
5899
|
+
# include one of the following:
|
5900
|
+
#
|
5901
|
+
# * Either exactly one of the following parameters: `logGroupName`,
|
5902
|
+
# `logGroupNames`, or `logGroupIdentifiers`
|
5903
|
+
#
|
5904
|
+
# * Or the `queryString` must include a `SOURCE` command to select log
|
5905
|
+
# groups for the query. The `SOURCE` command can select log groups
|
5906
|
+
# based on log group name prefix, account ID, and log class.
|
5907
|
+
#
|
5908
|
+
# For more information about the `SOURCE` command, see [SOURCE][3].
|
5909
|
+
#
|
5910
|
+
# </note>
|
5911
|
+
#
|
5063
5912
|
# If you have associated a KMS key with the query results in this
|
5064
|
-
# account, then [StartQuery][
|
5913
|
+
# account, then [StartQuery][4] uses that key to encrypt the results
|
5065
5914
|
# when it stores them. If no key is associated with query results, the
|
5066
5915
|
# query results are encrypted with the default CloudWatch Logs
|
5067
5916
|
# encryption method.
|
@@ -5073,7 +5922,7 @@ module Aws::CloudWatchLogs
|
|
5073
5922
|
# If you are using CloudWatch cross-account observability, you can use
|
5074
5923
|
# this operation in a monitoring account to start a query in a linked
|
5075
5924
|
# source account. For more information, see [CloudWatch cross-account
|
5076
|
-
# observability][
|
5925
|
+
# observability][5]. For a cross-account `StartQuery` operation, the
|
5077
5926
|
# query definition must be defined in the monitoring account.
|
5078
5927
|
#
|
5079
5928
|
# You can have up to 30 concurrent CloudWatch Logs insights queries,
|
@@ -5083,26 +5932,17 @@ module Aws::CloudWatchLogs
|
|
5083
5932
|
#
|
5084
5933
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html
|
5085
5934
|
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html
|
5086
|
-
# [3]: https://docs.aws.amazon.com/
|
5087
|
-
# [4]: https://docs.aws.amazon.com/
|
5935
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax-Source.html
|
5936
|
+
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html
|
5937
|
+
# [5]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html
|
5088
5938
|
#
|
5089
5939
|
# @option params [String] :log_group_name
|
5090
5940
|
# The log group on which to perform the query.
|
5091
5941
|
#
|
5092
|
-
# <note markdown="1"> A `StartQuery` operation must include exactly one of the following
|
5093
|
-
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
5094
|
-
#
|
5095
|
-
# </note>
|
5096
|
-
#
|
5097
5942
|
# @option params [Array<String>] :log_group_names
|
5098
5943
|
# The list of log groups to be queried. You can include up to 50 log
|
5099
5944
|
# groups.
|
5100
5945
|
#
|
5101
|
-
# <note markdown="1"> A `StartQuery` operation must include exactly one of the following
|
5102
|
-
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
5103
|
-
#
|
5104
|
-
# </note>
|
5105
|
-
#
|
5106
5946
|
# @option params [Array<String>] :log_group_identifiers
|
5107
5947
|
# The list of log groups to query. You can include up to 50 log groups.
|
5108
5948
|
#
|
@@ -5111,7 +5951,9 @@ module Aws::CloudWatchLogs
|
|
5111
5951
|
# account, you must specify the ARN of the log group here. The query
|
5112
5952
|
# definition must also be defined in the monitoring account.
|
5113
5953
|
#
|
5114
|
-
# If you specify an ARN, the
|
5954
|
+
# If you specify an ARN, use the format
|
5955
|
+
# arn:aws:logs:*region*:*account-id*:log-group:*log\_group\_name* Don't
|
5956
|
+
# include an * at the end.
|
5115
5957
|
#
|
5116
5958
|
# A `StartQuery` operation must include exactly one of the following
|
5117
5959
|
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
@@ -5349,6 +6191,179 @@ module Aws::CloudWatchLogs
|
|
5349
6191
|
req.send_request(options)
|
5350
6192
|
end
|
5351
6193
|
|
6194
|
+
# Use this operation to test a log transformer. You enter the
|
6195
|
+
# transformer configuration and a set of log events to test with. The
|
6196
|
+
# operation responds with an array that includes the original log events
|
6197
|
+
# and the transformed versions.
|
6198
|
+
#
|
6199
|
+
# @option params [required, Array<Types::Processor>] :transformer_config
|
6200
|
+
# This structure contains the configuration of this log transformer that
|
6201
|
+
# you want to test. A log transformer is an array of processors, where
|
6202
|
+
# each processor applies one type of transformation to the log events
|
6203
|
+
# that are ingested.
|
6204
|
+
#
|
6205
|
+
# @option params [required, Array<String>] :log_event_messages
|
6206
|
+
# An array of the raw log events that you want to use to test this
|
6207
|
+
# transformer.
|
6208
|
+
#
|
6209
|
+
# @return [Types::TestTransformerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
6210
|
+
#
|
6211
|
+
# * {Types::TestTransformerResponse#transformed_logs #transformed_logs} => Array<Types::TransformedLogRecord>
|
6212
|
+
#
|
6213
|
+
# @example Request syntax with placeholder values
|
6214
|
+
#
|
6215
|
+
# resp = client.test_transformer({
|
6216
|
+
# transformer_config: [ # required
|
6217
|
+
# {
|
6218
|
+
# add_keys: {
|
6219
|
+
# entries: [ # required
|
6220
|
+
# {
|
6221
|
+
# key: "Key", # required
|
6222
|
+
# value: "AddKeyValue", # required
|
6223
|
+
# overwrite_if_exists: false,
|
6224
|
+
# },
|
6225
|
+
# ],
|
6226
|
+
# },
|
6227
|
+
# copy_value: {
|
6228
|
+
# entries: [ # required
|
6229
|
+
# {
|
6230
|
+
# source: "Source", # required
|
6231
|
+
# target: "Target", # required
|
6232
|
+
# overwrite_if_exists: false,
|
6233
|
+
# },
|
6234
|
+
# ],
|
6235
|
+
# },
|
6236
|
+
# csv: {
|
6237
|
+
# quote_character: "QuoteCharacter",
|
6238
|
+
# delimiter: "Delimiter",
|
6239
|
+
# columns: ["Column"],
|
6240
|
+
# source: "Source",
|
6241
|
+
# },
|
6242
|
+
# date_time_converter: {
|
6243
|
+
# source: "Source", # required
|
6244
|
+
# target: "Target", # required
|
6245
|
+
# target_format: "TargetFormat",
|
6246
|
+
# match_patterns: ["MatchPattern"], # required
|
6247
|
+
# source_timezone: "SourceTimezone",
|
6248
|
+
# target_timezone: "TargetTimezone",
|
6249
|
+
# locale: "Locale",
|
6250
|
+
# },
|
6251
|
+
# delete_keys: {
|
6252
|
+
# with_keys: ["WithKey"], # required
|
6253
|
+
# },
|
6254
|
+
# grok: {
|
6255
|
+
# source: "Source",
|
6256
|
+
# match: "GrokMatch", # required
|
6257
|
+
# },
|
6258
|
+
# list_to_map: {
|
6259
|
+
# source: "Source", # required
|
6260
|
+
# key: "Key", # required
|
6261
|
+
# value_key: "ValueKey",
|
6262
|
+
# target: "Target",
|
6263
|
+
# flatten: false,
|
6264
|
+
# flattened_element: "first", # accepts first, last
|
6265
|
+
# },
|
6266
|
+
# lower_case_string: {
|
6267
|
+
# with_keys: ["WithKey"], # required
|
6268
|
+
# },
|
6269
|
+
# move_keys: {
|
6270
|
+
# entries: [ # required
|
6271
|
+
# {
|
6272
|
+
# source: "Source", # required
|
6273
|
+
# target: "Target", # required
|
6274
|
+
# overwrite_if_exists: false,
|
6275
|
+
# },
|
6276
|
+
# ],
|
6277
|
+
# },
|
6278
|
+
# parse_cloudfront: {
|
6279
|
+
# source: "Source",
|
6280
|
+
# },
|
6281
|
+
# parse_json: {
|
6282
|
+
# source: "Source",
|
6283
|
+
# destination: "DestinationField",
|
6284
|
+
# },
|
6285
|
+
# parse_key_value: {
|
6286
|
+
# source: "Source",
|
6287
|
+
# destination: "DestinationField",
|
6288
|
+
# field_delimiter: "ParserFieldDelimiter",
|
6289
|
+
# key_value_delimiter: "KeyValueDelimiter",
|
6290
|
+
# key_prefix: "KeyPrefix",
|
6291
|
+
# non_match_value: "NonMatchValue",
|
6292
|
+
# overwrite_if_exists: false,
|
6293
|
+
# },
|
6294
|
+
# parse_route_53: {
|
6295
|
+
# source: "Source",
|
6296
|
+
# },
|
6297
|
+
# parse_postgres: {
|
6298
|
+
# source: "Source",
|
6299
|
+
# },
|
6300
|
+
# parse_vpc: {
|
6301
|
+
# source: "Source",
|
6302
|
+
# },
|
6303
|
+
# parse_waf: {
|
6304
|
+
# source: "Source",
|
6305
|
+
# },
|
6306
|
+
# rename_keys: {
|
6307
|
+
# entries: [ # required
|
6308
|
+
# {
|
6309
|
+
# key: "Key", # required
|
6310
|
+
# rename_to: "RenameTo", # required
|
6311
|
+
# overwrite_if_exists: false,
|
6312
|
+
# },
|
6313
|
+
# ],
|
6314
|
+
# },
|
6315
|
+
# split_string: {
|
6316
|
+
# entries: [ # required
|
6317
|
+
# {
|
6318
|
+
# source: "Source", # required
|
6319
|
+
# delimiter: "Delimiter", # required
|
6320
|
+
# },
|
6321
|
+
# ],
|
6322
|
+
# },
|
6323
|
+
# substitute_string: {
|
6324
|
+
# entries: [ # required
|
6325
|
+
# {
|
6326
|
+
# source: "Source", # required
|
6327
|
+
# from: "FromKey", # required
|
6328
|
+
# to: "ToKey", # required
|
6329
|
+
# },
|
6330
|
+
# ],
|
6331
|
+
# },
|
6332
|
+
# trim_string: {
|
6333
|
+
# with_keys: ["WithKey"], # required
|
6334
|
+
# },
|
6335
|
+
# type_converter: {
|
6336
|
+
# entries: [ # required
|
6337
|
+
# {
|
6338
|
+
# key: "Key", # required
|
6339
|
+
# type: "boolean", # required, accepts boolean, integer, double, string
|
6340
|
+
# },
|
6341
|
+
# ],
|
6342
|
+
# },
|
6343
|
+
# upper_case_string: {
|
6344
|
+
# with_keys: ["WithKey"], # required
|
6345
|
+
# },
|
6346
|
+
# },
|
6347
|
+
# ],
|
6348
|
+
# log_event_messages: ["EventMessage"], # required
|
6349
|
+
# })
|
6350
|
+
#
|
6351
|
+
# @example Response structure
|
6352
|
+
#
|
6353
|
+
# resp.transformed_logs #=> Array
|
6354
|
+
# resp.transformed_logs[0].event_number #=> Integer
|
6355
|
+
# resp.transformed_logs[0].event_message #=> String
|
6356
|
+
# resp.transformed_logs[0].transformed_event_message #=> String
|
6357
|
+
#
|
6358
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestTransformer AWS API Documentation
|
6359
|
+
#
|
6360
|
+
# @overload test_transformer(params = {})
|
6361
|
+
# @param [Hash] params ({})
|
6362
|
+
def test_transformer(params = {}, options = {})
|
6363
|
+
req = build_request(:test_transformer, params)
|
6364
|
+
req.send_request(options)
|
6365
|
+
end
|
6366
|
+
|
5352
6367
|
# The UntagLogGroup operation is on the path to deprecation. We
|
5353
6368
|
# recommend that you use [UntagResource][1] instead.
|
5354
6369
|
#
|
@@ -5627,7 +6642,7 @@ module Aws::CloudWatchLogs
|
|
5627
6642
|
tracer: tracer
|
5628
6643
|
)
|
5629
6644
|
context[:gem_name] = 'aws-sdk-cloudwatchlogs'
|
5630
|
-
context[:gem_version] = '1.
|
6645
|
+
context[:gem_version] = '1.103.0'
|
5631
6646
|
Seahorse::Client::Request.new(handlers, context)
|
5632
6647
|
end
|
5633
6648
|
|