aws-sdk-cloudwatchlogs 1.102.0 → 1.103.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-cloudwatchlogs/client.rb +1062 -46
- data/lib/aws-sdk-cloudwatchlogs/client_api.rb +493 -0
- data/lib/aws-sdk-cloudwatchlogs/types.rb +1770 -65
- data/lib/aws-sdk-cloudwatchlogs.rb +1 -1
- data/sig/client.rbs +366 -6
- data/sig/types.rbs +334 -4
- metadata +2 -2
@@ -1109,9 +1109,10 @@ module Aws::CloudWatchLogs
|
|
1109
1109
|
req.send_request(options)
|
1110
1110
|
end
|
1111
1111
|
|
1112
|
-
# Deletes a CloudWatch Logs account policy. This stops the
|
1113
|
-
# applying to
|
1114
|
-
#
|
1112
|
+
# Deletes a CloudWatch Logs account policy. This stops the account-wide
|
1113
|
+
# policy from applying to log groups in the account. If you delete a
|
1114
|
+
# data protection policy or subscription filter policy, any log-group
|
1115
|
+
# level policies of those types remain in effect.
|
1115
1116
|
#
|
1116
1117
|
# To use this operation, you must be signed on with the correct
|
1117
1118
|
# permissions depending on the type of policy that you are deleting.
|
@@ -1124,6 +1125,16 @@ module Aws::CloudWatchLogs
|
|
1124
1125
|
# `logs:DeleteSubscriptionFilter` and `logs:DeleteAccountPolicy`
|
1125
1126
|
# permissions.
|
1126
1127
|
#
|
1128
|
+
# * To delete a transformer policy, you must have the
|
1129
|
+
# `logs:DeleteTransformer` and `logs:DeleteAccountPolicy` permissions.
|
1130
|
+
#
|
1131
|
+
# * To delete a field index policy, you must have the
|
1132
|
+
# `logs:DeleteIndexPolicy` and `logs:DeleteAccountPolicy` permissions.
|
1133
|
+
#
|
1134
|
+
# If you delete a field index policy, the indexing of the log events
|
1135
|
+
# that happened before you deleted the policy will still be used for up
|
1136
|
+
# to 30 days to improve CloudWatch Logs Insights queries.
|
1137
|
+
#
|
1127
1138
|
# @option params [required, String] :policy_name
|
1128
1139
|
# The name of the policy to delete.
|
1129
1140
|
#
|
@@ -1136,7 +1147,7 @@ module Aws::CloudWatchLogs
|
|
1136
1147
|
#
|
1137
1148
|
# resp = client.delete_account_policy({
|
1138
1149
|
# policy_name: "PolicyName", # required
|
1139
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
1150
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
1140
1151
|
# })
|
1141
1152
|
#
|
1142
1153
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteAccountPolicy AWS API Documentation
|
@@ -1331,6 +1342,44 @@ module Aws::CloudWatchLogs
|
|
1331
1342
|
req.send_request(options)
|
1332
1343
|
end
|
1333
1344
|
|
1345
|
+
# Deletes a log-group level field index policy that was applied to a
|
1346
|
+
# single log group. The indexing of the log events that happened before
|
1347
|
+
# you delete the policy will still be used for as many as 30 days to
|
1348
|
+
# improve CloudWatch Logs Insights queries.
|
1349
|
+
#
|
1350
|
+
# You can't use this operation to delete an account-level index policy.
|
1351
|
+
# Instead, use [DeletAccountPolicy][1].
|
1352
|
+
#
|
1353
|
+
# If you delete a log-group level field index policy and there is an
|
1354
|
+
# account-level field index policy, in a few minutes the log group
|
1355
|
+
# begins using that account-wide policy to index new incoming log
|
1356
|
+
# events.
|
1357
|
+
#
|
1358
|
+
#
|
1359
|
+
#
|
1360
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteAccountPolicy.html
|
1361
|
+
#
|
1362
|
+
# @option params [required, String] :log_group_identifier
|
1363
|
+
# The log group to delete the index policy for. You can specify either
|
1364
|
+
# the name or the ARN of the log group.
|
1365
|
+
#
|
1366
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1367
|
+
#
|
1368
|
+
# @example Request syntax with placeholder values
|
1369
|
+
#
|
1370
|
+
# resp = client.delete_index_policy({
|
1371
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
1372
|
+
# })
|
1373
|
+
#
|
1374
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteIndexPolicy AWS API Documentation
|
1375
|
+
#
|
1376
|
+
# @overload delete_index_policy(params = {})
|
1377
|
+
# @param [Hash] params ({})
|
1378
|
+
def delete_index_policy(params = {}, options = {})
|
1379
|
+
req = build_request(:delete_index_policy, params)
|
1380
|
+
req.send_request(options)
|
1381
|
+
end
|
1382
|
+
|
1334
1383
|
# Deletes the specified CloudWatch Logs anomaly detector.
|
1335
1384
|
#
|
1336
1385
|
# @option params [required, String] :anomaly_detector_arn
|
@@ -1551,6 +1600,39 @@ module Aws::CloudWatchLogs
|
|
1551
1600
|
req.send_request(options)
|
1552
1601
|
end
|
1553
1602
|
|
1603
|
+
# Deletes the log transformer for the specified log group. As soon as
|
1604
|
+
# you do this, the transformation of incoming log events according to
|
1605
|
+
# that transformer stops. If this account has an account-level
|
1606
|
+
# transformer that applies to this log group, the log group begins using
|
1607
|
+
# that account-level transformer when this log-group level transformer
|
1608
|
+
# is deleted.
|
1609
|
+
#
|
1610
|
+
# After you delete a transformer, be sure to edit any metric filters or
|
1611
|
+
# subscription filters that relied on the transformed versions of the
|
1612
|
+
# log events.
|
1613
|
+
#
|
1614
|
+
# @option params [required, String] :log_group_identifier
|
1615
|
+
# Specify either the name or ARN of the log group to delete the
|
1616
|
+
# transformer for. If the log group is in a source account and you are
|
1617
|
+
# using a monitoring account, you must use the log group ARN.
|
1618
|
+
#
|
1619
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1620
|
+
#
|
1621
|
+
# @example Request syntax with placeholder values
|
1622
|
+
#
|
1623
|
+
# resp = client.delete_transformer({
|
1624
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
1625
|
+
# })
|
1626
|
+
#
|
1627
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteTransformer AWS API Documentation
|
1628
|
+
#
|
1629
|
+
# @overload delete_transformer(params = {})
|
1630
|
+
# @param [Hash] params ({})
|
1631
|
+
def delete_transformer(params = {}, options = {})
|
1632
|
+
req = build_request(:delete_transformer, params)
|
1633
|
+
req.send_request(options)
|
1634
|
+
end
|
1635
|
+
|
1554
1636
|
# Returns a list of all CloudWatch Logs account policies in the account.
|
1555
1637
|
#
|
1556
1638
|
# @option params [required, String] :policy_type
|
@@ -1571,16 +1653,22 @@ module Aws::CloudWatchLogs
|
|
1571
1653
|
# If you omit this parameter, only the policy in the current account is
|
1572
1654
|
# returned.
|
1573
1655
|
#
|
1656
|
+
# @option params [String] :next_token
|
1657
|
+
# The token for the next set of items to return. (You received this
|
1658
|
+
# token from a previous call.)
|
1659
|
+
#
|
1574
1660
|
# @return [Types::DescribeAccountPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1575
1661
|
#
|
1576
1662
|
# * {Types::DescribeAccountPoliciesResponse#account_policies #account_policies} => Array<Types::AccountPolicy>
|
1663
|
+
# * {Types::DescribeAccountPoliciesResponse#next_token #next_token} => String
|
1577
1664
|
#
|
1578
1665
|
# @example Request syntax with placeholder values
|
1579
1666
|
#
|
1580
1667
|
# resp = client.describe_account_policies({
|
1581
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
1668
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
1582
1669
|
# policy_name: "PolicyName",
|
1583
1670
|
# account_identifiers: ["AccountId"],
|
1671
|
+
# next_token: "NextToken",
|
1584
1672
|
# })
|
1585
1673
|
#
|
1586
1674
|
# @example Response structure
|
@@ -1589,10 +1677,11 @@ module Aws::CloudWatchLogs
|
|
1589
1677
|
# resp.account_policies[0].policy_name #=> String
|
1590
1678
|
# resp.account_policies[0].policy_document #=> String
|
1591
1679
|
# resp.account_policies[0].last_updated_time #=> Integer
|
1592
|
-
# resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY"
|
1680
|
+
# resp.account_policies[0].policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
|
1593
1681
|
# resp.account_policies[0].scope #=> String, one of "ALL"
|
1594
1682
|
# resp.account_policies[0].selection_criteria #=> String
|
1595
1683
|
# resp.account_policies[0].account_id #=> String
|
1684
|
+
# resp.next_token #=> String
|
1596
1685
|
#
|
1597
1686
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeAccountPolicies AWS API Documentation
|
1598
1687
|
#
|
@@ -1958,6 +2047,110 @@ module Aws::CloudWatchLogs
|
|
1958
2047
|
req.send_request(options)
|
1959
2048
|
end
|
1960
2049
|
|
2050
|
+
# Returns a list of field indexes listed in the field index policies of
|
2051
|
+
# one or more log groups. For more information about field index
|
2052
|
+
# policies, see [PutIndexPolicy][1].
|
2053
|
+
#
|
2054
|
+
#
|
2055
|
+
#
|
2056
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
2057
|
+
#
|
2058
|
+
# @option params [required, Array<String>] :log_group_identifiers
|
2059
|
+
# An array containing the names or ARNs of the log groups that you want
|
2060
|
+
# to retrieve field indexes for.
|
2061
|
+
#
|
2062
|
+
# @option params [String] :next_token
|
2063
|
+
# The token for the next set of items to return. The token expires after
|
2064
|
+
# 24 hours.
|
2065
|
+
#
|
2066
|
+
# @return [Types::DescribeFieldIndexesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2067
|
+
#
|
2068
|
+
# * {Types::DescribeFieldIndexesResponse#field_indexes #field_indexes} => Array<Types::FieldIndex>
|
2069
|
+
# * {Types::DescribeFieldIndexesResponse#next_token #next_token} => String
|
2070
|
+
#
|
2071
|
+
# @example Request syntax with placeholder values
|
2072
|
+
#
|
2073
|
+
# resp = client.describe_field_indexes({
|
2074
|
+
# log_group_identifiers: ["LogGroupIdentifier"], # required
|
2075
|
+
# next_token: "NextToken",
|
2076
|
+
# })
|
2077
|
+
#
|
2078
|
+
# @example Response structure
|
2079
|
+
#
|
2080
|
+
# resp.field_indexes #=> Array
|
2081
|
+
# resp.field_indexes[0].log_group_identifier #=> String
|
2082
|
+
# resp.field_indexes[0].field_index_name #=> String
|
2083
|
+
# resp.field_indexes[0].last_scan_time #=> Integer
|
2084
|
+
# resp.field_indexes[0].first_event_time #=> Integer
|
2085
|
+
# resp.field_indexes[0].last_event_time #=> Integer
|
2086
|
+
# resp.next_token #=> String
|
2087
|
+
#
|
2088
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeFieldIndexes AWS API Documentation
|
2089
|
+
#
|
2090
|
+
# @overload describe_field_indexes(params = {})
|
2091
|
+
# @param [Hash] params ({})
|
2092
|
+
def describe_field_indexes(params = {}, options = {})
|
2093
|
+
req = build_request(:describe_field_indexes, params)
|
2094
|
+
req.send_request(options)
|
2095
|
+
end
|
2096
|
+
|
2097
|
+
# Returns the field index policies of one or more log groups. For more
|
2098
|
+
# information about field index policies, see [PutIndexPolicy][1].
|
2099
|
+
#
|
2100
|
+
# If a specified log group has a log-group level index policy, that
|
2101
|
+
# policy is returned by this operation.
|
2102
|
+
#
|
2103
|
+
# If a specified log group doesn't have a log-group level index policy,
|
2104
|
+
# but an account-wide index policy applies to it, that account-wide
|
2105
|
+
# policy is returned by this operation.
|
2106
|
+
#
|
2107
|
+
# To find information about only account-level policies, use
|
2108
|
+
# [DescribeAccountPolicies][2] instead.
|
2109
|
+
#
|
2110
|
+
#
|
2111
|
+
#
|
2112
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
2113
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html
|
2114
|
+
#
|
2115
|
+
# @option params [required, Array<String>] :log_group_identifiers
|
2116
|
+
# An array containing the name or ARN of the log group that you want to
|
2117
|
+
# retrieve field index policies for.
|
2118
|
+
#
|
2119
|
+
# @option params [String] :next_token
|
2120
|
+
# The token for the next set of items to return. The token expires after
|
2121
|
+
# 24 hours.
|
2122
|
+
#
|
2123
|
+
# @return [Types::DescribeIndexPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2124
|
+
#
|
2125
|
+
# * {Types::DescribeIndexPoliciesResponse#index_policies #index_policies} => Array<Types::IndexPolicy>
|
2126
|
+
# * {Types::DescribeIndexPoliciesResponse#next_token #next_token} => String
|
2127
|
+
#
|
2128
|
+
# @example Request syntax with placeholder values
|
2129
|
+
#
|
2130
|
+
# resp = client.describe_index_policies({
|
2131
|
+
# log_group_identifiers: ["LogGroupIdentifier"], # required
|
2132
|
+
# next_token: "NextToken",
|
2133
|
+
# })
|
2134
|
+
#
|
2135
|
+
# @example Response structure
|
2136
|
+
#
|
2137
|
+
# resp.index_policies #=> Array
|
2138
|
+
# resp.index_policies[0].log_group_identifier #=> String
|
2139
|
+
# resp.index_policies[0].last_update_time #=> Integer
|
2140
|
+
# resp.index_policies[0].policy_document #=> String
|
2141
|
+
# resp.index_policies[0].policy_name #=> String
|
2142
|
+
# resp.index_policies[0].source #=> String, one of "ACCOUNT", "LOG_GROUP"
|
2143
|
+
# resp.next_token #=> String
|
2144
|
+
#
|
2145
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeIndexPolicies AWS API Documentation
|
2146
|
+
#
|
2147
|
+
# @overload describe_index_policies(params = {})
|
2148
|
+
# @param [Hash] params ({})
|
2149
|
+
def describe_index_policies(params = {}, options = {})
|
2150
|
+
req = build_request(:describe_index_policies, params)
|
2151
|
+
req.send_request(options)
|
2152
|
+
end
|
2153
|
+
|
1961
2154
|
# Lists the specified log groups. You can list all your log groups or
|
1962
2155
|
# filter the results by prefix. The results are ASCII-sorted by log
|
1963
2156
|
# group name.
|
@@ -2260,6 +2453,7 @@ module Aws::CloudWatchLogs
|
|
2260
2453
|
# resp.metric_filters[0].metric_transformations[0].unit #=> String, one of "Seconds", "Microseconds", "Milliseconds", "Bytes", "Kilobytes", "Megabytes", "Gigabytes", "Terabytes", "Bits", "Kilobits", "Megabits", "Gigabits", "Terabits", "Percent", "Count", "Bytes/Second", "Kilobytes/Second", "Megabytes/Second", "Gigabytes/Second", "Terabytes/Second", "Bits/Second", "Kilobits/Second", "Megabits/Second", "Gigabits/Second", "Terabits/Second", "Count/Second", "None"
|
2261
2454
|
# resp.metric_filters[0].creation_time #=> Integer
|
2262
2455
|
# resp.metric_filters[0].log_group_name #=> String
|
2456
|
+
# resp.metric_filters[0].apply_on_transformed_logs #=> Boolean
|
2263
2457
|
# resp.next_token #=> String
|
2264
2458
|
#
|
2265
2459
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters AWS API Documentation
|
@@ -2461,6 +2655,7 @@ module Aws::CloudWatchLogs
|
|
2461
2655
|
# resp.subscription_filters[0].destination_arn #=> String
|
2462
2656
|
# resp.subscription_filters[0].role_arn #=> String
|
2463
2657
|
# resp.subscription_filters[0].distribution #=> String, one of "Random", "ByLogStream"
|
2658
|
+
# resp.subscription_filters[0].apply_on_transformed_logs #=> Boolean
|
2464
2659
|
# resp.subscription_filters[0].creation_time #=> Integer
|
2465
2660
|
# resp.next_token #=> String
|
2466
2661
|
#
|
@@ -3255,7 +3450,10 @@ module Aws::CloudWatchLogs
|
|
3255
3450
|
# resp.results[0][0].value #=> String
|
3256
3451
|
# resp.statistics.records_matched #=> Float
|
3257
3452
|
# resp.statistics.records_scanned #=> Float
|
3453
|
+
# resp.statistics.estimated_records_skipped #=> Float
|
3258
3454
|
# resp.statistics.bytes_scanned #=> Float
|
3455
|
+
# resp.statistics.estimated_bytes_skipped #=> Float
|
3456
|
+
# resp.statistics.log_groups_scanned #=> Float
|
3259
3457
|
# resp.status #=> String, one of "Scheduled", "Running", "Complete", "Failed", "Cancelled", "Timeout", "Unknown"
|
3260
3458
|
# resp.encryption_key #=> String
|
3261
3459
|
#
|
@@ -3268,6 +3466,120 @@ module Aws::CloudWatchLogs
|
|
3268
3466
|
req.send_request(options)
|
3269
3467
|
end
|
3270
3468
|
|
3469
|
+
# Returns the information about the log transformer associated with this
|
3470
|
+
# log group.
|
3471
|
+
#
|
3472
|
+
# This operation returns data only for transformers created at the log
|
3473
|
+
# group level. To get information for an account-level transformer, use
|
3474
|
+
# [DescribeAccountPolicies][1].
|
3475
|
+
#
|
3476
|
+
#
|
3477
|
+
#
|
3478
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeAccountPolicies.html
|
3479
|
+
#
|
3480
|
+
# @option params [required, String] :log_group_identifier
|
3481
|
+
# Specify either the name or ARN of the log group to return transformer
|
3482
|
+
# information for. If the log group is in a source account and you are
|
3483
|
+
# using a monitoring account, you must use the log group ARN.
|
3484
|
+
#
|
3485
|
+
# @return [Types::GetTransformerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3486
|
+
#
|
3487
|
+
# * {Types::GetTransformerResponse#log_group_identifier #log_group_identifier} => String
|
3488
|
+
# * {Types::GetTransformerResponse#creation_time #creation_time} => Integer
|
3489
|
+
# * {Types::GetTransformerResponse#last_modified_time #last_modified_time} => Integer
|
3490
|
+
# * {Types::GetTransformerResponse#transformer_config #transformer_config} => Array<Types::Processor>
|
3491
|
+
#
|
3492
|
+
# @example Request syntax with placeholder values
|
3493
|
+
#
|
3494
|
+
# resp = client.get_transformer({
|
3495
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
3496
|
+
# })
|
3497
|
+
#
|
3498
|
+
# @example Response structure
|
3499
|
+
#
|
3500
|
+
# resp.log_group_identifier #=> String
|
3501
|
+
# resp.creation_time #=> Integer
|
3502
|
+
# resp.last_modified_time #=> Integer
|
3503
|
+
# resp.transformer_config #=> Array
|
3504
|
+
# resp.transformer_config[0].add_keys.entries #=> Array
|
3505
|
+
# resp.transformer_config[0].add_keys.entries[0].key #=> String
|
3506
|
+
# resp.transformer_config[0].add_keys.entries[0].value #=> String
|
3507
|
+
# resp.transformer_config[0].add_keys.entries[0].overwrite_if_exists #=> Boolean
|
3508
|
+
# resp.transformer_config[0].copy_value.entries #=> Array
|
3509
|
+
# resp.transformer_config[0].copy_value.entries[0].source #=> String
|
3510
|
+
# resp.transformer_config[0].copy_value.entries[0].target #=> String
|
3511
|
+
# resp.transformer_config[0].copy_value.entries[0].overwrite_if_exists #=> Boolean
|
3512
|
+
# resp.transformer_config[0].csv.quote_character #=> String
|
3513
|
+
# resp.transformer_config[0].csv.delimiter #=> String
|
3514
|
+
# resp.transformer_config[0].csv.columns #=> Array
|
3515
|
+
# resp.transformer_config[0].csv.columns[0] #=> String
|
3516
|
+
# resp.transformer_config[0].csv.source #=> String
|
3517
|
+
# resp.transformer_config[0].date_time_converter.source #=> String
|
3518
|
+
# resp.transformer_config[0].date_time_converter.target #=> String
|
3519
|
+
# resp.transformer_config[0].date_time_converter.target_format #=> String
|
3520
|
+
# resp.transformer_config[0].date_time_converter.match_patterns #=> Array
|
3521
|
+
# resp.transformer_config[0].date_time_converter.match_patterns[0] #=> String
|
3522
|
+
# resp.transformer_config[0].date_time_converter.source_timezone #=> String
|
3523
|
+
# resp.transformer_config[0].date_time_converter.target_timezone #=> String
|
3524
|
+
# resp.transformer_config[0].date_time_converter.locale #=> String
|
3525
|
+
# resp.transformer_config[0].delete_keys.with_keys #=> Array
|
3526
|
+
# resp.transformer_config[0].delete_keys.with_keys[0] #=> String
|
3527
|
+
# resp.transformer_config[0].grok.source #=> String
|
3528
|
+
# resp.transformer_config[0].grok.match #=> String
|
3529
|
+
# resp.transformer_config[0].list_to_map.source #=> String
|
3530
|
+
# resp.transformer_config[0].list_to_map.key #=> String
|
3531
|
+
# resp.transformer_config[0].list_to_map.value_key #=> String
|
3532
|
+
# resp.transformer_config[0].list_to_map.target #=> String
|
3533
|
+
# resp.transformer_config[0].list_to_map.flatten #=> Boolean
|
3534
|
+
# resp.transformer_config[0].list_to_map.flattened_element #=> String, one of "first", "last"
|
3535
|
+
# resp.transformer_config[0].lower_case_string.with_keys #=> Array
|
3536
|
+
# resp.transformer_config[0].lower_case_string.with_keys[0] #=> String
|
3537
|
+
# resp.transformer_config[0].move_keys.entries #=> Array
|
3538
|
+
# resp.transformer_config[0].move_keys.entries[0].source #=> String
|
3539
|
+
# resp.transformer_config[0].move_keys.entries[0].target #=> String
|
3540
|
+
# resp.transformer_config[0].move_keys.entries[0].overwrite_if_exists #=> Boolean
|
3541
|
+
# resp.transformer_config[0].parse_cloudfront.source #=> String
|
3542
|
+
# resp.transformer_config[0].parse_json.source #=> String
|
3543
|
+
# resp.transformer_config[0].parse_json.destination #=> String
|
3544
|
+
# resp.transformer_config[0].parse_key_value.source #=> String
|
3545
|
+
# resp.transformer_config[0].parse_key_value.destination #=> String
|
3546
|
+
# resp.transformer_config[0].parse_key_value.field_delimiter #=> String
|
3547
|
+
# resp.transformer_config[0].parse_key_value.key_value_delimiter #=> String
|
3548
|
+
# resp.transformer_config[0].parse_key_value.key_prefix #=> String
|
3549
|
+
# resp.transformer_config[0].parse_key_value.non_match_value #=> String
|
3550
|
+
# resp.transformer_config[0].parse_key_value.overwrite_if_exists #=> Boolean
|
3551
|
+
# resp.transformer_config[0].parse_route_53.source #=> String
|
3552
|
+
# resp.transformer_config[0].parse_postgres.source #=> String
|
3553
|
+
# resp.transformer_config[0].parse_vpc.source #=> String
|
3554
|
+
# resp.transformer_config[0].parse_waf.source #=> String
|
3555
|
+
# resp.transformer_config[0].rename_keys.entries #=> Array
|
3556
|
+
# resp.transformer_config[0].rename_keys.entries[0].key #=> String
|
3557
|
+
# resp.transformer_config[0].rename_keys.entries[0].rename_to #=> String
|
3558
|
+
# resp.transformer_config[0].rename_keys.entries[0].overwrite_if_exists #=> Boolean
|
3559
|
+
# resp.transformer_config[0].split_string.entries #=> Array
|
3560
|
+
# resp.transformer_config[0].split_string.entries[0].source #=> String
|
3561
|
+
# resp.transformer_config[0].split_string.entries[0].delimiter #=> String
|
3562
|
+
# resp.transformer_config[0].substitute_string.entries #=> Array
|
3563
|
+
# resp.transformer_config[0].substitute_string.entries[0].source #=> String
|
3564
|
+
# resp.transformer_config[0].substitute_string.entries[0].from #=> String
|
3565
|
+
# resp.transformer_config[0].substitute_string.entries[0].to #=> String
|
3566
|
+
# resp.transformer_config[0].trim_string.with_keys #=> Array
|
3567
|
+
# resp.transformer_config[0].trim_string.with_keys[0] #=> String
|
3568
|
+
# resp.transformer_config[0].type_converter.entries #=> Array
|
3569
|
+
# resp.transformer_config[0].type_converter.entries[0].key #=> String
|
3570
|
+
# resp.transformer_config[0].type_converter.entries[0].type #=> String, one of "boolean", "integer", "double", "string"
|
3571
|
+
# resp.transformer_config[0].upper_case_string.with_keys #=> Array
|
3572
|
+
# resp.transformer_config[0].upper_case_string.with_keys[0] #=> String
|
3573
|
+
#
|
3574
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetTransformer AWS API Documentation
|
3575
|
+
#
|
3576
|
+
# @overload get_transformer(params = {})
|
3577
|
+
# @param [Hash] params ({})
|
3578
|
+
def get_transformer(params = {}, options = {})
|
3579
|
+
req = build_request(:get_transformer, params)
|
3580
|
+
req.send_request(options)
|
3581
|
+
end
|
3582
|
+
|
3271
3583
|
# Returns a list of anomalies that log anomaly detectors have found. For
|
3272
3584
|
# details about the structure format of each anomaly object that is
|
3273
3585
|
# returned, see the example in this section.
|
@@ -3401,6 +3713,63 @@ module Aws::CloudWatchLogs
|
|
3401
3713
|
req.send_request(options)
|
3402
3714
|
end
|
3403
3715
|
|
3716
|
+
# Returns a list of the log groups that were analyzed during a single
|
3717
|
+
# CloudWatch Logs Insights query. This can be useful for queries that
|
3718
|
+
# use log group name prefixes or the `filterIndex` command, because the
|
3719
|
+
# log groups are dynamically selected in these cases.
|
3720
|
+
#
|
3721
|
+
# For more information about field indexes, see [Create field indexes to
|
3722
|
+
# improve query performance and reduce costs][1].
|
3723
|
+
#
|
3724
|
+
#
|
3725
|
+
#
|
3726
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
3727
|
+
#
|
3728
|
+
# @option params [required, String] :query_id
|
3729
|
+
# The ID of the query to use. This query ID is from the response to your
|
3730
|
+
# [StartQuery][1] operation.
|
3731
|
+
#
|
3732
|
+
#
|
3733
|
+
#
|
3734
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html
|
3735
|
+
#
|
3736
|
+
# @option params [String] :next_token
|
3737
|
+
# The token for the next set of items to return. The token expires after
|
3738
|
+
# 24 hours.
|
3739
|
+
#
|
3740
|
+
# @option params [Integer] :max_results
|
3741
|
+
# Limits the number of returned log groups to the specified number.
|
3742
|
+
#
|
3743
|
+
# @return [Types::ListLogGroupsForQueryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3744
|
+
#
|
3745
|
+
# * {Types::ListLogGroupsForQueryResponse#log_group_identifiers #log_group_identifiers} => Array<String>
|
3746
|
+
# * {Types::ListLogGroupsForQueryResponse#next_token #next_token} => String
|
3747
|
+
#
|
3748
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
3749
|
+
#
|
3750
|
+
# @example Request syntax with placeholder values
|
3751
|
+
#
|
3752
|
+
# resp = client.list_log_groups_for_query({
|
3753
|
+
# query_id: "QueryId", # required
|
3754
|
+
# next_token: "NextToken",
|
3755
|
+
# max_results: 1,
|
3756
|
+
# })
|
3757
|
+
#
|
3758
|
+
# @example Response structure
|
3759
|
+
#
|
3760
|
+
# resp.log_group_identifiers #=> Array
|
3761
|
+
# resp.log_group_identifiers[0] #=> String
|
3762
|
+
# resp.next_token #=> String
|
3763
|
+
#
|
3764
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListLogGroupsForQuery AWS API Documentation
|
3765
|
+
#
|
3766
|
+
# @overload list_log_groups_for_query(params = {})
|
3767
|
+
# @param [Hash] params ({})
|
3768
|
+
def list_log_groups_for_query(params = {}, options = {})
|
3769
|
+
req = build_request(:list_log_groups_for_query, params)
|
3770
|
+
req.send_request(options)
|
3771
|
+
end
|
3772
|
+
|
3404
3773
|
# Displays the tags associated with a CloudWatch Logs resource.
|
3405
3774
|
# Currently, log groups and destinations support tagging.
|
3406
3775
|
#
|
@@ -3480,9 +3849,9 @@ module Aws::CloudWatchLogs
|
|
3480
3849
|
req.send_request(options)
|
3481
3850
|
end
|
3482
3851
|
|
3483
|
-
# Creates an account-level data protection policy
|
3484
|
-
# policy that applies to all log groups or a
|
3485
|
-
# account.
|
3852
|
+
# Creates an account-level data protection policy, subscription filter
|
3853
|
+
# policy, or field index policy that applies to all log groups or a
|
3854
|
+
# subset of log groups in the account.
|
3486
3855
|
#
|
3487
3856
|
# **Data protection policy**
|
3488
3857
|
#
|
@@ -3555,6 +3924,102 @@ module Aws::CloudWatchLogs
|
|
3555
3924
|
# subscription filter operation for any destination except a Lambda
|
3556
3925
|
# function, you must also have the `iam:PassRole` permission.
|
3557
3926
|
#
|
3927
|
+
# **Transformer policy**
|
3928
|
+
#
|
3929
|
+
# Creates or updates a *log transformer policy* for your account. You
|
3930
|
+
# use log transformers to transform log events into a different format,
|
3931
|
+
# making them easier for you to process and analyze. You can also
|
3932
|
+
# transform logs from different sources into standardized formats that
|
3933
|
+
# contain relevant, source-specific information. After you have created
|
3934
|
+
# a transformer, CloudWatch Logs performs this transformation at the
|
3935
|
+
# time of log ingestion. You can then refer to the transformed versions
|
3936
|
+
# of the logs during operations such as querying with CloudWatch Logs
|
3937
|
+
# Insights or creating metric filters or subscription filters.
|
3938
|
+
#
|
3939
|
+
# You can also use a transformer to copy metadata from metadata keys
|
3940
|
+
# into the log events themselves. This metadata can include log group
|
3941
|
+
# name, log stream name, account ID and Region.
|
3942
|
+
#
|
3943
|
+
# A transformer for a log group is a series of processors, where each
|
3944
|
+
# processor applies one type of transformation to the log events
|
3945
|
+
# ingested into this log group. For more information about the available
|
3946
|
+
# processors to use in a transformer, see [ Processors that you can
|
3947
|
+
# use][6].
|
3948
|
+
#
|
3949
|
+
# Having log events in standardized format enables visibility across
|
3950
|
+
# your applications for your log analysis, reporting, and alarming
|
3951
|
+
# needs. CloudWatch Logs provides transformation for common log types
|
3952
|
+
# with out-of-the-box transformation templates for major Amazon Web
|
3953
|
+
# Services log sources such as VPC flow logs, Lambda, and Amazon RDS.
|
3954
|
+
# You can use pre-built transformation templates or create custom
|
3955
|
+
# transformation policies.
|
3956
|
+
#
|
3957
|
+
# You can create transformers only for the log groups in the Standard
|
3958
|
+
# log class.
|
3959
|
+
#
|
3960
|
+
# You can have one account-level transformer policy that applies to all
|
3961
|
+
# log groups in the account. Or you can create as many as 20
|
3962
|
+
# account-level transformer policies that are each scoped to a subset of
|
3963
|
+
# log groups with the `selectionCriteria` parameter. If you have
|
3964
|
+
# multiple account-level transformer policies with selection criteria,
|
3965
|
+
# no two of them can use the same or overlapping log group name
|
3966
|
+
# prefixes. For example, if you have one policy filtered to log groups
|
3967
|
+
# that start with `my-log`, you can't have another field index policy
|
3968
|
+
# filtered to `my-logpprod` or `my-logging`.
|
3969
|
+
#
|
3970
|
+
# You can also set up a transformer at the log-group level. For more
|
3971
|
+
# information, see [PutTransformer][7]. If there is both a log-group
|
3972
|
+
# level transformer created with `PutTransformer` and an account-level
|
3973
|
+
# transformer that could apply to the same log group, the log group uses
|
3974
|
+
# only the log-group level transformer. It ignores the account-level
|
3975
|
+
# transformer.
|
3976
|
+
#
|
3977
|
+
# **Field index policy**
|
3978
|
+
#
|
3979
|
+
# You can use field index policies to create indexes on fields found in
|
3980
|
+
# log events in the log group. Creating field indexes can help lower the
|
3981
|
+
# scan volume for CloudWatch Logs Insights queries that reference those
|
3982
|
+
# fields, because these queries attempt to skip the processing of log
|
3983
|
+
# events that are known to not match the indexed field. Good fields to
|
3984
|
+
# index are fields that you often need to query for and fields or values
|
3985
|
+
# that match only a small fraction of the total log events. Common
|
3986
|
+
# examples of indexes include request ID, session ID, user IDs, or
|
3987
|
+
# instance IDs. For more information, see [Create field indexes to
|
3988
|
+
# improve query performance and reduce costs][8]
|
3989
|
+
#
|
3990
|
+
# To find the fields that are in your log group events, use the
|
3991
|
+
# [GetLogGroupFields][9] operation.
|
3992
|
+
#
|
3993
|
+
# For example, suppose you have created a field index for `requestId`.
|
3994
|
+
# Then, any CloudWatch Logs Insights query on that log group that
|
3995
|
+
# includes `requestId = value ` or `requestId in [value, value, ...]`
|
3996
|
+
# will attempt to process only the log events where the indexed field
|
3997
|
+
# matches the specified value.
|
3998
|
+
#
|
3999
|
+
# Matches of log events to the names of indexed fields are
|
4000
|
+
# case-sensitive. For example, an indexed field of `RequestId` won't
|
4001
|
+
# match a log event containing `requestId`.
|
4002
|
+
#
|
4003
|
+
# You can have one account-level field index policy that applies to all
|
4004
|
+
# log groups in the account. Or you can create as many as 20
|
4005
|
+
# account-level field index policies that are each scoped to a subset of
|
4006
|
+
# log groups with the `selectionCriteria` parameter. If you have
|
4007
|
+
# multiple account-level index policies with selection criteria, no two
|
4008
|
+
# of them can use the same or overlapping log group name prefixes. For
|
4009
|
+
# example, if you have one policy filtered to log groups that start with
|
4010
|
+
# `my-log`, you can't have another field index policy filtered to
|
4011
|
+
# `my-logpprod` or `my-logging`.
|
4012
|
+
#
|
4013
|
+
# If you create an account-level field index policy in a monitoring
|
4014
|
+
# account in cross-account observability, the policy is applied only to
|
4015
|
+
# the monitoring account and not to any source accounts.
|
4016
|
+
#
|
4017
|
+
# If you want to create a field index policy for a single log group, you
|
4018
|
+
# can use [PutIndexPolicy][10] instead of `PutAccountPolicy`. If you do
|
4019
|
+
# so, that log group will use only that log-group level policy, and will
|
4020
|
+
# ignore the account-level policy that you create with
|
4021
|
+
# [PutAccountPolicy][11].
|
4022
|
+
#
|
3558
4023
|
#
|
3559
4024
|
#
|
3560
4025
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html
|
@@ -3562,6 +4027,12 @@ module Aws::CloudWatchLogs
|
|
3562
4027
|
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html
|
3563
4028
|
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html
|
3564
4029
|
# [5]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html
|
4030
|
+
# [6]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
4031
|
+
# [7]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
4032
|
+
# [8]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
4033
|
+
# [9]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html
|
4034
|
+
# [10]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutIndexPolicy.html
|
4035
|
+
# [11]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
3565
4036
|
#
|
3566
4037
|
# @option params [required, String] :policy_name
|
3567
4038
|
# A name for the policy. This must be unique within the account.
|
@@ -3643,10 +4114,34 @@ module Aws::CloudWatchLogs
|
|
3643
4114
|
# property is only applicable when the destination is an Kinesis Data
|
3644
4115
|
# Streams data stream.
|
3645
4116
|
#
|
4117
|
+
# **Transformer policy**
|
4118
|
+
#
|
4119
|
+
# A transformer policy must include one JSON block with the array of
|
4120
|
+
# processors and their configurations. For more information about
|
4121
|
+
# available processors, see [ Processors that you can use][3].
|
4122
|
+
#
|
4123
|
+
# **Field index policy**
|
4124
|
+
#
|
4125
|
+
# A field index filter policy can include the following attribute in a
|
4126
|
+
# JSON block:
|
4127
|
+
#
|
4128
|
+
# * **Fields** The array of field indexes to create.
|
4129
|
+
#
|
4130
|
+
# ^
|
4131
|
+
#
|
4132
|
+
# It must contain at least one field index.
|
4133
|
+
#
|
4134
|
+
# The following is an example of an index policy document that creates
|
4135
|
+
# two indexes, `RequestId` and `TransactionId`.
|
4136
|
+
#
|
4137
|
+
# `"policyDocument": "{ "Fields": [ "RequestId", "TransactionId" ]
|
4138
|
+
# }"`
|
4139
|
+
#
|
3646
4140
|
#
|
3647
4141
|
#
|
3648
4142
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html
|
3649
4143
|
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html
|
4144
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
3650
4145
|
#
|
3651
4146
|
# @option params [required, String] :policy_type
|
3652
4147
|
# The type of policy that you're creating or updating.
|
@@ -3657,17 +4152,25 @@ module Aws::CloudWatchLogs
|
|
3657
4152
|
# the account. If you omit this parameter, the default of `ALL` is used.
|
3658
4153
|
#
|
3659
4154
|
# @option params [String] :selection_criteria
|
3660
|
-
# Use this parameter to apply the
|
3661
|
-
#
|
3662
|
-
#
|
3663
|
-
#
|
4155
|
+
# Use this parameter to apply the new policy to a subset of log groups
|
4156
|
+
# in the account.
|
4157
|
+
#
|
4158
|
+
# Specifing `selectionCriteria` is valid only when you specify
|
4159
|
+
# `SUBSCRIPTION_FILTER_POLICY`, `FIELD_INDEX_POLICY` or
|
4160
|
+
# `TRANSFORMER_POLICY`for `policyType`.
|
3664
4161
|
#
|
3665
|
-
#
|
3666
|
-
#
|
3667
|
-
# prevention][1].
|
4162
|
+
# If `policyType` is `SUBSCRIPTION_FILTER_POLICY`, the only supported
|
4163
|
+
# `selectionCriteria` filter is `LogGroupName NOT IN []`
|
3668
4164
|
#
|
3669
|
-
#
|
3670
|
-
#
|
4165
|
+
# If `policyType` is `FIELD_INDEX_POLICY` or `TRANSFORMER_POLICY`, the
|
4166
|
+
# only supported `selectionCriteria` filter is `LogGroupNamePrefix`
|
4167
|
+
#
|
4168
|
+
# The `selectionCriteria` string can be up to 25KB in length. The length
|
4169
|
+
# is determined by using its UTF-8 bytes.
|
4170
|
+
#
|
4171
|
+
# Using the `selectionCriteria` parameter with
|
4172
|
+
# `SUBSCRIPTION_FILTER_POLICY` is useful to help prevent infinite loops.
|
4173
|
+
# For more information, see [Log recursion prevention][1].
|
3671
4174
|
#
|
3672
4175
|
#
|
3673
4176
|
#
|
@@ -3682,7 +4185,7 @@ module Aws::CloudWatchLogs
|
|
3682
4185
|
# resp = client.put_account_policy({
|
3683
4186
|
# policy_name: "PolicyName", # required
|
3684
4187
|
# policy_document: "AccountPolicyDocument", # required
|
3685
|
-
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY
|
4188
|
+
# policy_type: "DATA_PROTECTION_POLICY", # required, accepts DATA_PROTECTION_POLICY, SUBSCRIPTION_FILTER_POLICY, FIELD_INDEX_POLICY, TRANSFORMER_POLICY
|
3686
4189
|
# scope: "ALL", # accepts ALL
|
3687
4190
|
# selection_criteria: "SelectionCriteria",
|
3688
4191
|
# })
|
@@ -3692,7 +4195,7 @@ module Aws::CloudWatchLogs
|
|
3692
4195
|
# resp.account_policy.policy_name #=> String
|
3693
4196
|
# resp.account_policy.policy_document #=> String
|
3694
4197
|
# resp.account_policy.last_updated_time #=> Integer
|
3695
|
-
# resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY"
|
4198
|
+
# resp.account_policy.policy_type #=> String, one of "DATA_PROTECTION_POLICY", "SUBSCRIPTION_FILTER_POLICY", "FIELD_INDEX_POLICY", "TRANSFORMER_POLICY"
|
3696
4199
|
# resp.account_policy.scope #=> String, one of "ALL"
|
3697
4200
|
# resp.account_policy.selection_criteria #=> String
|
3698
4201
|
# resp.account_policy.account_id #=> String
|
@@ -4230,6 +4733,104 @@ module Aws::CloudWatchLogs
|
|
4230
4733
|
req.send_request(options)
|
4231
4734
|
end
|
4232
4735
|
|
4736
|
+
# Creates or updates a *field index policy* for the specified log group.
|
4737
|
+
# Only log groups in the Standard log class support field index
|
4738
|
+
# policies. For more information about log classes, see [Log
|
4739
|
+
# classes][1].
|
4740
|
+
#
|
4741
|
+
# You can use field index policies to create *field indexes* on fields
|
4742
|
+
# found in log events in the log group. Creating field indexes speeds up
|
4743
|
+
# and lowers the costs for CloudWatch Logs Insights queries that
|
4744
|
+
# reference those field indexes, because these queries attempt to skip
|
4745
|
+
# the processing of log events that are known to not match the indexed
|
4746
|
+
# field. Good fields to index are fields that you often need to query
|
4747
|
+
# for and fields or values that match only a small fraction of the total
|
4748
|
+
# log events. Common examples of indexes include request ID, session ID,
|
4749
|
+
# userID, and instance IDs. For more information, see [Create field
|
4750
|
+
# indexes to improve query performance and reduce costs][2].
|
4751
|
+
#
|
4752
|
+
# To find the fields that are in your log group events, use the
|
4753
|
+
# [GetLogGroupFields][3] operation.
|
4754
|
+
#
|
4755
|
+
# For example, suppose you have created a field index for `requestId`.
|
4756
|
+
# Then, any CloudWatch Logs Insights query on that log group that
|
4757
|
+
# includes `requestId = value ` or `requestId IN [value, value, ...]`
|
4758
|
+
# will process fewer log events to reduce costs, and have improved
|
4759
|
+
# performance.
|
4760
|
+
#
|
4761
|
+
# Each index policy has the following quotas and restrictions:
|
4762
|
+
#
|
4763
|
+
# * As many as 20 fields can be included in the policy.
|
4764
|
+
#
|
4765
|
+
# * Each field name can include as many as 100 characters.
|
4766
|
+
#
|
4767
|
+
# Matches of log events to the names of indexed fields are
|
4768
|
+
# case-sensitive. For example, a field index of `RequestId` won't match
|
4769
|
+
# a log event containing `requestId`.
|
4770
|
+
#
|
4771
|
+
# Log group-level field index policies created with `PutIndexPolicy`
|
4772
|
+
# override account-level field index policies created with
|
4773
|
+
# [PutAccountPolicy][4]. If you use `PutIndexPolicy` to create a field
|
4774
|
+
# index policy for a log group, that log group uses only that policy.
|
4775
|
+
# The log group ignores any account-wide field index policy that you
|
4776
|
+
# might have created.
|
4777
|
+
#
|
4778
|
+
#
|
4779
|
+
#
|
4780
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html
|
4781
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html
|
4782
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogGroupFields.html
|
4783
|
+
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
4784
|
+
#
|
4785
|
+
# @option params [required, String] :log_group_identifier
|
4786
|
+
# Specify either the log group name or log group ARN to apply this field
|
4787
|
+
# index policy to. If you specify an ARN, use the format
|
4788
|
+
# arn:aws:logs:*region*:*account-id*:log-group:*log\_group\_name* Don't
|
4789
|
+
# include an * at the end.
|
4790
|
+
#
|
4791
|
+
# @option params [required, String] :policy_document
|
4792
|
+
# The index policy document, in JSON format. The following is an example
|
4793
|
+
# of an index policy document that creates two indexes, `RequestId` and
|
4794
|
+
# `TransactionId`.
|
4795
|
+
#
|
4796
|
+
# `"policyDocument": "{ "Fields": [ "RequestId", "TransactionId" ] }"`
|
4797
|
+
#
|
4798
|
+
# The policy document must include at least one field index. For more
|
4799
|
+
# information about the fields that can be included and other
|
4800
|
+
# restrictions, see [Field index syntax and quotas][1].
|
4801
|
+
#
|
4802
|
+
#
|
4803
|
+
#
|
4804
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing-Syntax.html
|
4805
|
+
#
|
4806
|
+
# @return [Types::PutIndexPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
4807
|
+
#
|
4808
|
+
# * {Types::PutIndexPolicyResponse#index_policy #index_policy} => Types::IndexPolicy
|
4809
|
+
#
|
4810
|
+
# @example Request syntax with placeholder values
|
4811
|
+
#
|
4812
|
+
# resp = client.put_index_policy({
|
4813
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
4814
|
+
# policy_document: "PolicyDocument", # required
|
4815
|
+
# })
|
4816
|
+
#
|
4817
|
+
# @example Response structure
|
4818
|
+
#
|
4819
|
+
# resp.index_policy.log_group_identifier #=> String
|
4820
|
+
# resp.index_policy.last_update_time #=> Integer
|
4821
|
+
# resp.index_policy.policy_document #=> String
|
4822
|
+
# resp.index_policy.policy_name #=> String
|
4823
|
+
# resp.index_policy.source #=> String, one of "ACCOUNT", "LOG_GROUP"
|
4824
|
+
#
|
4825
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutIndexPolicy AWS API Documentation
|
4826
|
+
#
|
4827
|
+
# @overload put_index_policy(params = {})
|
4828
|
+
# @param [Hash] params ({})
|
4829
|
+
def put_index_policy(params = {}, options = {})
|
4830
|
+
req = build_request(:put_index_policy, params)
|
4831
|
+
req.send_request(options)
|
4832
|
+
end
|
4833
|
+
|
4233
4834
|
# Uploads a batch of log events to the specified log stream.
|
4234
4835
|
#
|
4235
4836
|
# The sequence token is now ignored in `PutLogEvents` actions.
|
@@ -4293,7 +4894,7 @@ module Aws::CloudWatchLogs
|
|
4293
4894
|
# if the sequence token is not valid.
|
4294
4895
|
#
|
4295
4896
|
# @option params [Types::Entity] :entity
|
4296
|
-
#
|
4897
|
+
# The entity associated with the log events.
|
4297
4898
|
#
|
4298
4899
|
# @return [Types::PutLogEventsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
4299
4900
|
#
|
@@ -4349,12 +4950,12 @@ module Aws::CloudWatchLogs
|
|
4349
4950
|
# group is 100.
|
4350
4951
|
#
|
4351
4952
|
# Using regular expressions to create metric filters is supported. For
|
4352
|
-
# these filters, there is a
|
4353
|
-
#
|
4354
|
-
#
|
4355
|
-
#
|
4356
|
-
#
|
4357
|
-
#
|
4953
|
+
# these filters, there is a quota of two regular expression patterns
|
4954
|
+
# within a single filter pattern. There is also a quota of five regular
|
4955
|
+
# expression patterns per log group. For more information about using
|
4956
|
+
# regular expressions in metric filters, see [ Filter pattern syntax for
|
4957
|
+
# metric filters, subscription filters, filter log events, and Live
|
4958
|
+
# Tail][2].
|
4358
4959
|
#
|
4359
4960
|
# When you create a metric filter, you can also optionally assign a unit
|
4360
4961
|
# and dimensions to the metric that is created.
|
@@ -4392,6 +4993,20 @@ module Aws::CloudWatchLogs
|
|
4392
4993
|
# @option params [required, Array<Types::MetricTransformation>] :metric_transformations
|
4393
4994
|
# A collection of information that defines how metric data gets emitted.
|
4394
4995
|
#
|
4996
|
+
# @option params [Boolean] :apply_on_transformed_logs
|
4997
|
+
# This parameter is valid only for log groups that have an active log
|
4998
|
+
# transformer. For more information about log transformers, see
|
4999
|
+
# [PutTransformer][1].
|
5000
|
+
#
|
5001
|
+
# If the log group uses either a log-group level or account-level
|
5002
|
+
# transformer, and you specify `true`, the metric filter will be applied
|
5003
|
+
# on the transformed version of the log events instead of the original
|
5004
|
+
# ingested log events.
|
5005
|
+
#
|
5006
|
+
#
|
5007
|
+
#
|
5008
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
5009
|
+
#
|
4395
5010
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4396
5011
|
#
|
4397
5012
|
# @example Request syntax with placeholder values
|
@@ -4412,6 +5027,7 @@ module Aws::CloudWatchLogs
|
|
4412
5027
|
# unit: "Seconds", # accepts Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, None
|
4413
5028
|
# },
|
4414
5029
|
# ],
|
5030
|
+
# apply_on_transformed_logs: false,
|
4415
5031
|
# })
|
4416
5032
|
#
|
4417
5033
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter AWS API Documentation
|
@@ -4740,6 +5356,20 @@ module Aws::CloudWatchLogs
|
|
4740
5356
|
# random for a more even distribution. This property is only applicable
|
4741
5357
|
# when the destination is an Amazon Kinesis data stream.
|
4742
5358
|
#
|
5359
|
+
# @option params [Boolean] :apply_on_transformed_logs
|
5360
|
+
# This parameter is valid only for log groups that have an active log
|
5361
|
+
# transformer. For more information about log transformers, see
|
5362
|
+
# [PutTransformer][1].
|
5363
|
+
#
|
5364
|
+
# If the log group uses either a log-group level or account-level
|
5365
|
+
# transformer, and you specify `true`, the subscription filter will be
|
5366
|
+
# applied on the transformed version of the log events instead of the
|
5367
|
+
# original ingested log events.
|
5368
|
+
#
|
5369
|
+
#
|
5370
|
+
#
|
5371
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html
|
5372
|
+
#
|
4743
5373
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4744
5374
|
#
|
4745
5375
|
# @example Request syntax with placeholder values
|
@@ -4751,6 +5381,7 @@ module Aws::CloudWatchLogs
|
|
4751
5381
|
# destination_arn: "DestinationArn", # required
|
4752
5382
|
# role_arn: "RoleArn",
|
4753
5383
|
# distribution: "Random", # accepts Random, ByLogStream
|
5384
|
+
# apply_on_transformed_logs: false,
|
4754
5385
|
# })
|
4755
5386
|
#
|
4756
5387
|
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter AWS API Documentation
|
@@ -4762,6 +5393,211 @@ module Aws::CloudWatchLogs
|
|
4762
5393
|
req.send_request(options)
|
4763
5394
|
end
|
4764
5395
|
|
5396
|
+
# Creates or updates a *log transformer* for a single log group. You use
|
5397
|
+
# log transformers to transform log events into a different format,
|
5398
|
+
# making them easier for you to process and analyze. You can also
|
5399
|
+
# transform logs from different sources into standardized formats that
|
5400
|
+
# contains relevant, source-specific information.
|
5401
|
+
#
|
5402
|
+
# After you have created a transformer, CloudWatch Logs performs the
|
5403
|
+
# transformations at the time of log ingestion. You can then refer to
|
5404
|
+
# the transformed versions of the logs during operations such as
|
5405
|
+
# querying with CloudWatch Logs Insights or creating metric filters or
|
5406
|
+
# subscription filers.
|
5407
|
+
#
|
5408
|
+
# You can also use a transformer to copy metadata from metadata keys
|
5409
|
+
# into the log events themselves. This metadata can include log group
|
5410
|
+
# name, log stream name, account ID and Region.
|
5411
|
+
#
|
5412
|
+
# A transformer for a log group is a series of processors, where each
|
5413
|
+
# processor applies one type of transformation to the log events
|
5414
|
+
# ingested into this log group. The processors work one after another,
|
5415
|
+
# in the order that you list them, like a pipeline. For more information
|
5416
|
+
# about the available processors to use in a transformer, see [
|
5417
|
+
# Processors that you can use][1].
|
5418
|
+
#
|
5419
|
+
# Having log events in standardized format enables visibility across
|
5420
|
+
# your applications for your log analysis, reporting, and alarming
|
5421
|
+
# needs. CloudWatch Logs provides transformation for common log types
|
5422
|
+
# with out-of-the-box transformation templates for major Amazon Web
|
5423
|
+
# Services log sources such as VPC flow logs, Lambda, and Amazon RDS.
|
5424
|
+
# You can use pre-built transformation templates or create custom
|
5425
|
+
# transformation policies.
|
5426
|
+
#
|
5427
|
+
# You can create transformers only for the log groups in the Standard
|
5428
|
+
# log class.
|
5429
|
+
#
|
5430
|
+
# You can also set up a transformer at the account level. For more
|
5431
|
+
# information, see [PutAccountPolicy][2]. If there is both a log-group
|
5432
|
+
# level transformer created with `PutTransformer` and an account-level
|
5433
|
+
# transformer that could apply to the same log group, the log group uses
|
5434
|
+
# only the log-group level transformer. It ignores the account-level
|
5435
|
+
# transformer.
|
5436
|
+
#
|
5437
|
+
#
|
5438
|
+
#
|
5439
|
+
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-Processors
|
5440
|
+
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
|
5441
|
+
#
|
5442
|
+
# @option params [required, String] :log_group_identifier
|
5443
|
+
# Specify either the name or ARN of the log group to create the
|
5444
|
+
# transformer for.
|
5445
|
+
#
|
5446
|
+
# @option params [required, Array<Types::Processor>] :transformer_config
|
5447
|
+
# This structure contains the configuration of this log transformer. A
|
5448
|
+
# log transformer is an array of processors, where each processor
|
5449
|
+
# applies one type of transformation to the log events that are
|
5450
|
+
# ingested.
|
5451
|
+
#
|
5452
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5453
|
+
#
|
5454
|
+
# @example Request syntax with placeholder values
|
5455
|
+
#
|
5456
|
+
# resp = client.put_transformer({
|
5457
|
+
# log_group_identifier: "LogGroupIdentifier", # required
|
5458
|
+
# transformer_config: [ # required
|
5459
|
+
# {
|
5460
|
+
# add_keys: {
|
5461
|
+
# entries: [ # required
|
5462
|
+
# {
|
5463
|
+
# key: "Key", # required
|
5464
|
+
# value: "AddKeyValue", # required
|
5465
|
+
# overwrite_if_exists: false,
|
5466
|
+
# },
|
5467
|
+
# ],
|
5468
|
+
# },
|
5469
|
+
# copy_value: {
|
5470
|
+
# entries: [ # required
|
5471
|
+
# {
|
5472
|
+
# source: "Source", # required
|
5473
|
+
# target: "Target", # required
|
5474
|
+
# overwrite_if_exists: false,
|
5475
|
+
# },
|
5476
|
+
# ],
|
5477
|
+
# },
|
5478
|
+
# csv: {
|
5479
|
+
# quote_character: "QuoteCharacter",
|
5480
|
+
# delimiter: "Delimiter",
|
5481
|
+
# columns: ["Column"],
|
5482
|
+
# source: "Source",
|
5483
|
+
# },
|
5484
|
+
# date_time_converter: {
|
5485
|
+
# source: "Source", # required
|
5486
|
+
# target: "Target", # required
|
5487
|
+
# target_format: "TargetFormat",
|
5488
|
+
# match_patterns: ["MatchPattern"], # required
|
5489
|
+
# source_timezone: "SourceTimezone",
|
5490
|
+
# target_timezone: "TargetTimezone",
|
5491
|
+
# locale: "Locale",
|
5492
|
+
# },
|
5493
|
+
# delete_keys: {
|
5494
|
+
# with_keys: ["WithKey"], # required
|
5495
|
+
# },
|
5496
|
+
# grok: {
|
5497
|
+
# source: "Source",
|
5498
|
+
# match: "GrokMatch", # required
|
5499
|
+
# },
|
5500
|
+
# list_to_map: {
|
5501
|
+
# source: "Source", # required
|
5502
|
+
# key: "Key", # required
|
5503
|
+
# value_key: "ValueKey",
|
5504
|
+
# target: "Target",
|
5505
|
+
# flatten: false,
|
5506
|
+
# flattened_element: "first", # accepts first, last
|
5507
|
+
# },
|
5508
|
+
# lower_case_string: {
|
5509
|
+
# with_keys: ["WithKey"], # required
|
5510
|
+
# },
|
5511
|
+
# move_keys: {
|
5512
|
+
# entries: [ # required
|
5513
|
+
# {
|
5514
|
+
# source: "Source", # required
|
5515
|
+
# target: "Target", # required
|
5516
|
+
# overwrite_if_exists: false,
|
5517
|
+
# },
|
5518
|
+
# ],
|
5519
|
+
# },
|
5520
|
+
# parse_cloudfront: {
|
5521
|
+
# source: "Source",
|
5522
|
+
# },
|
5523
|
+
# parse_json: {
|
5524
|
+
# source: "Source",
|
5525
|
+
# destination: "DestinationField",
|
5526
|
+
# },
|
5527
|
+
# parse_key_value: {
|
5528
|
+
# source: "Source",
|
5529
|
+
# destination: "DestinationField",
|
5530
|
+
# field_delimiter: "ParserFieldDelimiter",
|
5531
|
+
# key_value_delimiter: "KeyValueDelimiter",
|
5532
|
+
# key_prefix: "KeyPrefix",
|
5533
|
+
# non_match_value: "NonMatchValue",
|
5534
|
+
# overwrite_if_exists: false,
|
5535
|
+
# },
|
5536
|
+
# parse_route_53: {
|
5537
|
+
# source: "Source",
|
5538
|
+
# },
|
5539
|
+
# parse_postgres: {
|
5540
|
+
# source: "Source",
|
5541
|
+
# },
|
5542
|
+
# parse_vpc: {
|
5543
|
+
# source: "Source",
|
5544
|
+
# },
|
5545
|
+
# parse_waf: {
|
5546
|
+
# source: "Source",
|
5547
|
+
# },
|
5548
|
+
# rename_keys: {
|
5549
|
+
# entries: [ # required
|
5550
|
+
# {
|
5551
|
+
# key: "Key", # required
|
5552
|
+
# rename_to: "RenameTo", # required
|
5553
|
+
# overwrite_if_exists: false,
|
5554
|
+
# },
|
5555
|
+
# ],
|
5556
|
+
# },
|
5557
|
+
# split_string: {
|
5558
|
+
# entries: [ # required
|
5559
|
+
# {
|
5560
|
+
# source: "Source", # required
|
5561
|
+
# delimiter: "Delimiter", # required
|
5562
|
+
# },
|
5563
|
+
# ],
|
5564
|
+
# },
|
5565
|
+
# substitute_string: {
|
5566
|
+
# entries: [ # required
|
5567
|
+
# {
|
5568
|
+
# source: "Source", # required
|
5569
|
+
# from: "FromKey", # required
|
5570
|
+
# to: "ToKey", # required
|
5571
|
+
# },
|
5572
|
+
# ],
|
5573
|
+
# },
|
5574
|
+
# trim_string: {
|
5575
|
+
# with_keys: ["WithKey"], # required
|
5576
|
+
# },
|
5577
|
+
# type_converter: {
|
5578
|
+
# entries: [ # required
|
5579
|
+
# {
|
5580
|
+
# key: "Key", # required
|
5581
|
+
# type: "boolean", # required, accepts boolean, integer, double, string
|
5582
|
+
# },
|
5583
|
+
# ],
|
5584
|
+
# },
|
5585
|
+
# upper_case_string: {
|
5586
|
+
# with_keys: ["WithKey"], # required
|
5587
|
+
# },
|
5588
|
+
# },
|
5589
|
+
# ],
|
5590
|
+
# })
|
5591
|
+
#
|
5592
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutTransformer AWS API Documentation
|
5593
|
+
#
|
5594
|
+
# @overload put_transformer(params = {})
|
5595
|
+
# @param [Hash] params ({})
|
5596
|
+
def put_transformer(params = {}, options = {})
|
5597
|
+
req = build_request(:put_transformer, params)
|
5598
|
+
req.send_request(options)
|
5599
|
+
end
|
5600
|
+
|
4765
5601
|
# Starts a Live Tail streaming session for one or more log groups. A
|
4766
5602
|
# Live Tail session returns a stream of log events that have been
|
4767
5603
|
# recently ingested in the log groups. For more information, see [Use
|
@@ -5049,9 +5885,9 @@ module Aws::CloudWatchLogs
|
|
5049
5885
|
req.send_request(options)
|
5050
5886
|
end
|
5051
5887
|
|
5052
|
-
#
|
5053
|
-
# specify the log
|
5054
|
-
# use.
|
5888
|
+
# Starts a query of one or more log groups using CloudWatch Logs
|
5889
|
+
# Insights. You specify the log groups and time range to query and the
|
5890
|
+
# query string to use.
|
5055
5891
|
#
|
5056
5892
|
# For more information, see [CloudWatch Logs Insights Query Syntax][1].
|
5057
5893
|
#
|
@@ -5059,8 +5895,22 @@ module Aws::CloudWatchLogs
|
|
5059
5895
|
# by CloudWatch Logs. You can use [GetQueryResults][2] to retrieve the
|
5060
5896
|
# results of a query, using the `queryId` that `StartQuery` returns.
|
5061
5897
|
#
|
5898
|
+
# <note markdown="1"> To specify the log groups to query, a `StartQuery` operation must
|
5899
|
+
# include one of the following:
|
5900
|
+
#
|
5901
|
+
# * Either exactly one of the following parameters: `logGroupName`,
|
5902
|
+
# `logGroupNames`, or `logGroupIdentifiers`
|
5903
|
+
#
|
5904
|
+
# * Or the `queryString` must include a `SOURCE` command to select log
|
5905
|
+
# groups for the query. The `SOURCE` command can select log groups
|
5906
|
+
# based on log group name prefix, account ID, and log class.
|
5907
|
+
#
|
5908
|
+
# For more information about the `SOURCE` command, see [SOURCE][3].
|
5909
|
+
#
|
5910
|
+
# </note>
|
5911
|
+
#
|
5062
5912
|
# If you have associated a KMS key with the query results in this
|
5063
|
-
# account, then [StartQuery][
|
5913
|
+
# account, then [StartQuery][4] uses that key to encrypt the results
|
5064
5914
|
# when it stores them. If no key is associated with query results, the
|
5065
5915
|
# query results are encrypted with the default CloudWatch Logs
|
5066
5916
|
# encryption method.
|
@@ -5072,7 +5922,7 @@ module Aws::CloudWatchLogs
|
|
5072
5922
|
# If you are using CloudWatch cross-account observability, you can use
|
5073
5923
|
# this operation in a monitoring account to start a query in a linked
|
5074
5924
|
# source account. For more information, see [CloudWatch cross-account
|
5075
|
-
# observability][
|
5925
|
+
# observability][5]. For a cross-account `StartQuery` operation, the
|
5076
5926
|
# query definition must be defined in the monitoring account.
|
5077
5927
|
#
|
5078
5928
|
# You can have up to 30 concurrent CloudWatch Logs insights queries,
|
@@ -5082,26 +5932,17 @@ module Aws::CloudWatchLogs
|
|
5082
5932
|
#
|
5083
5933
|
# [1]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html
|
5084
5934
|
# [2]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html
|
5085
|
-
# [3]: https://docs.aws.amazon.com/
|
5086
|
-
# [4]: https://docs.aws.amazon.com/
|
5935
|
+
# [3]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax-Source.html
|
5936
|
+
# [4]: https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html
|
5937
|
+
# [5]: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html
|
5087
5938
|
#
|
5088
5939
|
# @option params [String] :log_group_name
|
5089
5940
|
# The log group on which to perform the query.
|
5090
5941
|
#
|
5091
|
-
# <note markdown="1"> A `StartQuery` operation must include exactly one of the following
|
5092
|
-
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
5093
|
-
#
|
5094
|
-
# </note>
|
5095
|
-
#
|
5096
5942
|
# @option params [Array<String>] :log_group_names
|
5097
5943
|
# The list of log groups to be queried. You can include up to 50 log
|
5098
5944
|
# groups.
|
5099
5945
|
#
|
5100
|
-
# <note markdown="1"> A `StartQuery` operation must include exactly one of the following
|
5101
|
-
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
5102
|
-
#
|
5103
|
-
# </note>
|
5104
|
-
#
|
5105
5946
|
# @option params [Array<String>] :log_group_identifiers
|
5106
5947
|
# The list of log groups to query. You can include up to 50 log groups.
|
5107
5948
|
#
|
@@ -5110,7 +5951,9 @@ module Aws::CloudWatchLogs
|
|
5110
5951
|
# account, you must specify the ARN of the log group here. The query
|
5111
5952
|
# definition must also be defined in the monitoring account.
|
5112
5953
|
#
|
5113
|
-
# If you specify an ARN, the
|
5954
|
+
# If you specify an ARN, use the format
|
5955
|
+
# arn:aws:logs:*region*:*account-id*:log-group:*log\_group\_name* Don't
|
5956
|
+
# include an * at the end.
|
5114
5957
|
#
|
5115
5958
|
# A `StartQuery` operation must include exactly one of the following
|
5116
5959
|
# parameters: `logGroupName`, `logGroupNames`, or `logGroupIdentifiers`.
|
@@ -5348,6 +6191,179 @@ module Aws::CloudWatchLogs
|
|
5348
6191
|
req.send_request(options)
|
5349
6192
|
end
|
5350
6193
|
|
6194
|
+
# Use this operation to test a log transformer. You enter the
|
6195
|
+
# transformer configuration and a set of log events to test with. The
|
6196
|
+
# operation responds with an array that includes the original log events
|
6197
|
+
# and the transformed versions.
|
6198
|
+
#
|
6199
|
+
# @option params [required, Array<Types::Processor>] :transformer_config
|
6200
|
+
# This structure contains the configuration of this log transformer that
|
6201
|
+
# you want to test. A log transformer is an array of processors, where
|
6202
|
+
# each processor applies one type of transformation to the log events
|
6203
|
+
# that are ingested.
|
6204
|
+
#
|
6205
|
+
# @option params [required, Array<String>] :log_event_messages
|
6206
|
+
# An array of the raw log events that you want to use to test this
|
6207
|
+
# transformer.
|
6208
|
+
#
|
6209
|
+
# @return [Types::TestTransformerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
6210
|
+
#
|
6211
|
+
# * {Types::TestTransformerResponse#transformed_logs #transformed_logs} => Array<Types::TransformedLogRecord>
|
6212
|
+
#
|
6213
|
+
# @example Request syntax with placeholder values
|
6214
|
+
#
|
6215
|
+
# resp = client.test_transformer({
|
6216
|
+
# transformer_config: [ # required
|
6217
|
+
# {
|
6218
|
+
# add_keys: {
|
6219
|
+
# entries: [ # required
|
6220
|
+
# {
|
6221
|
+
# key: "Key", # required
|
6222
|
+
# value: "AddKeyValue", # required
|
6223
|
+
# overwrite_if_exists: false,
|
6224
|
+
# },
|
6225
|
+
# ],
|
6226
|
+
# },
|
6227
|
+
# copy_value: {
|
6228
|
+
# entries: [ # required
|
6229
|
+
# {
|
6230
|
+
# source: "Source", # required
|
6231
|
+
# target: "Target", # required
|
6232
|
+
# overwrite_if_exists: false,
|
6233
|
+
# },
|
6234
|
+
# ],
|
6235
|
+
# },
|
6236
|
+
# csv: {
|
6237
|
+
# quote_character: "QuoteCharacter",
|
6238
|
+
# delimiter: "Delimiter",
|
6239
|
+
# columns: ["Column"],
|
6240
|
+
# source: "Source",
|
6241
|
+
# },
|
6242
|
+
# date_time_converter: {
|
6243
|
+
# source: "Source", # required
|
6244
|
+
# target: "Target", # required
|
6245
|
+
# target_format: "TargetFormat",
|
6246
|
+
# match_patterns: ["MatchPattern"], # required
|
6247
|
+
# source_timezone: "SourceTimezone",
|
6248
|
+
# target_timezone: "TargetTimezone",
|
6249
|
+
# locale: "Locale",
|
6250
|
+
# },
|
6251
|
+
# delete_keys: {
|
6252
|
+
# with_keys: ["WithKey"], # required
|
6253
|
+
# },
|
6254
|
+
# grok: {
|
6255
|
+
# source: "Source",
|
6256
|
+
# match: "GrokMatch", # required
|
6257
|
+
# },
|
6258
|
+
# list_to_map: {
|
6259
|
+
# source: "Source", # required
|
6260
|
+
# key: "Key", # required
|
6261
|
+
# value_key: "ValueKey",
|
6262
|
+
# target: "Target",
|
6263
|
+
# flatten: false,
|
6264
|
+
# flattened_element: "first", # accepts first, last
|
6265
|
+
# },
|
6266
|
+
# lower_case_string: {
|
6267
|
+
# with_keys: ["WithKey"], # required
|
6268
|
+
# },
|
6269
|
+
# move_keys: {
|
6270
|
+
# entries: [ # required
|
6271
|
+
# {
|
6272
|
+
# source: "Source", # required
|
6273
|
+
# target: "Target", # required
|
6274
|
+
# overwrite_if_exists: false,
|
6275
|
+
# },
|
6276
|
+
# ],
|
6277
|
+
# },
|
6278
|
+
# parse_cloudfront: {
|
6279
|
+
# source: "Source",
|
6280
|
+
# },
|
6281
|
+
# parse_json: {
|
6282
|
+
# source: "Source",
|
6283
|
+
# destination: "DestinationField",
|
6284
|
+
# },
|
6285
|
+
# parse_key_value: {
|
6286
|
+
# source: "Source",
|
6287
|
+
# destination: "DestinationField",
|
6288
|
+
# field_delimiter: "ParserFieldDelimiter",
|
6289
|
+
# key_value_delimiter: "KeyValueDelimiter",
|
6290
|
+
# key_prefix: "KeyPrefix",
|
6291
|
+
# non_match_value: "NonMatchValue",
|
6292
|
+
# overwrite_if_exists: false,
|
6293
|
+
# },
|
6294
|
+
# parse_route_53: {
|
6295
|
+
# source: "Source",
|
6296
|
+
# },
|
6297
|
+
# parse_postgres: {
|
6298
|
+
# source: "Source",
|
6299
|
+
# },
|
6300
|
+
# parse_vpc: {
|
6301
|
+
# source: "Source",
|
6302
|
+
# },
|
6303
|
+
# parse_waf: {
|
6304
|
+
# source: "Source",
|
6305
|
+
# },
|
6306
|
+
# rename_keys: {
|
6307
|
+
# entries: [ # required
|
6308
|
+
# {
|
6309
|
+
# key: "Key", # required
|
6310
|
+
# rename_to: "RenameTo", # required
|
6311
|
+
# overwrite_if_exists: false,
|
6312
|
+
# },
|
6313
|
+
# ],
|
6314
|
+
# },
|
6315
|
+
# split_string: {
|
6316
|
+
# entries: [ # required
|
6317
|
+
# {
|
6318
|
+
# source: "Source", # required
|
6319
|
+
# delimiter: "Delimiter", # required
|
6320
|
+
# },
|
6321
|
+
# ],
|
6322
|
+
# },
|
6323
|
+
# substitute_string: {
|
6324
|
+
# entries: [ # required
|
6325
|
+
# {
|
6326
|
+
# source: "Source", # required
|
6327
|
+
# from: "FromKey", # required
|
6328
|
+
# to: "ToKey", # required
|
6329
|
+
# },
|
6330
|
+
# ],
|
6331
|
+
# },
|
6332
|
+
# trim_string: {
|
6333
|
+
# with_keys: ["WithKey"], # required
|
6334
|
+
# },
|
6335
|
+
# type_converter: {
|
6336
|
+
# entries: [ # required
|
6337
|
+
# {
|
6338
|
+
# key: "Key", # required
|
6339
|
+
# type: "boolean", # required, accepts boolean, integer, double, string
|
6340
|
+
# },
|
6341
|
+
# ],
|
6342
|
+
# },
|
6343
|
+
# upper_case_string: {
|
6344
|
+
# with_keys: ["WithKey"], # required
|
6345
|
+
# },
|
6346
|
+
# },
|
6347
|
+
# ],
|
6348
|
+
# log_event_messages: ["EventMessage"], # required
|
6349
|
+
# })
|
6350
|
+
#
|
6351
|
+
# @example Response structure
|
6352
|
+
#
|
6353
|
+
# resp.transformed_logs #=> Array
|
6354
|
+
# resp.transformed_logs[0].event_number #=> Integer
|
6355
|
+
# resp.transformed_logs[0].event_message #=> String
|
6356
|
+
# resp.transformed_logs[0].transformed_event_message #=> String
|
6357
|
+
#
|
6358
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestTransformer AWS API Documentation
|
6359
|
+
#
|
6360
|
+
# @overload test_transformer(params = {})
|
6361
|
+
# @param [Hash] params ({})
|
6362
|
+
def test_transformer(params = {}, options = {})
|
6363
|
+
req = build_request(:test_transformer, params)
|
6364
|
+
req.send_request(options)
|
6365
|
+
end
|
6366
|
+
|
5351
6367
|
# The UntagLogGroup operation is on the path to deprecation. We
|
5352
6368
|
# recommend that you use [UntagResource][1] instead.
|
5353
6369
|
#
|
@@ -5626,7 +6642,7 @@ module Aws::CloudWatchLogs
|
|
5626
6642
|
tracer: tracer
|
5627
6643
|
)
|
5628
6644
|
context[:gem_name] = 'aws-sdk-cloudwatchlogs'
|
5629
|
-
context[:gem_version] = '1.
|
6645
|
+
context[:gem_version] = '1.103.0'
|
5630
6646
|
Seahorse::Client::Request.new(handlers, context)
|
5631
6647
|
end
|
5632
6648
|
|