udhos/cloudwatch_logs_insights_parse_fields.md

Last active November 18, 2021 12:20

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/udhos/017c4ea77ec75ebc84666e59ef40cbdc.js"></script>
Save udhos/017c4ea77ec75ebc84666e59ef40cbdc to your computer and use it in GitHub Desktop.

Download ZIP

cloudwatch_logs_insights_parse_fields.md

Raw

cloudwatch_logs_insights_parse_fields.md

fields @timestamp, @message
| filter (@message like /records=/)
| parse @message /records=(?<records>\S+)/
| filter records >= 200
| sort @timestamp desc
| limit 2000

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment