Parse message in CloudWatch Logs Insights

Ema*_*ele 3 amazon-cloudwatch aws-lambda aws-cloudwatch-log-insights

Here are two sample messages from the lambda:

Warning:

Field           Value
@ingestionTime  1653987507053
@log    XXXXXXX:/aws/lambda/lambda-name
@logStream 2022/05/31/[$LATEST]059106a15343448486b43f8b1168ec64
@message    2022-05-31T08:58:18.293Z b1266ad9-95aa-4c4e-9416-e86409f6455e WARN error catched and errorHandler configured, handling the error: Error: Error while executing handler: TypeError: Cannot read property 'replace' of undefined
@requestId  b1266ad9-95aa-4c4e-9416-e86409f6455e
@timestamp  1653987498296

Error:

Field           Value
@ingestionTime  1653917638480
@log    XXXXXXXX:/aws/lambda/lambda-name
@logStream 2022/05/30/[$LATEST]bf8ba722ecd442dbafeaeeb3e7251024
@message    2022-05-30T13:33:57.406Z 8b5ec77c-fb30-4eb3-bd38-04a10abae403 ERROR Invoke Error {"errorType":"Error","errorMessage":"Error while executing configured error handler: Error: No body found in handler event","stack":["Error: Error while executing configured error handler: Error: No body found in handler event"," at Runtime.<anonymous> (/var/task/index.js:3180:15)"]}
@requestId  8b5ec77c-fb30-4eb3-bd38-04a10abae403
@timestamp  1653917637407
errorMessage    Error while executing configured error handler: Error: No body found in handler event
errorType   Error
stack.0 Error: Error while executing configured error handler: Error: No body found in handler event
stack.1 at Runtime.<anonymous> (/var/task/index.js:3180:15)

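Could you help me understand how to set up the query so that I get a table with the following columns and their values: timestamp extracted from @message, requestID, type (WARN or ERROR), errorMessage and, if feasible, the name of the lambda from @log and @logStream.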

小智 5

If we look at the documentation on the AWS Insights parse method, we can use the asterisk * to capture details, which for you would be:

fields @timestamp, @message, @log, @logStream, @requestId
| parse @message "* * * *" as timestamp, requestId, type, body
| display @timestamp, @requestId, @log, @logStream, body

If you also want to capture the error message, try parsing the body now:

fields @timestamp, @message, @log, @logStream, @requestId
| parse @message "* * * *" as timestamp, requestId, type, body
| parse body "*,\"errorMessage\":\"*\"*" as startBody, errorMessage, endBody
| display @timestamp, @requestId, @log, @logStream, body, errorMessage

That should work, but feel free to look up any additional information in the AWS documentation, they have made it very thorough.
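
For checking the extraction offline against exported events, the same table can be built in Python. This is an added example, not part of the question or the answer; `parse_event`, the dict layout with `@message` and `@log` keys, and the START line are assumptions made for illustration. It covers the case where the body carries no JSON (the WARN line) and skips platform lines that do not have the four-field shape.

```python
import json
import re

# Lambda Node.js log line: "<ISO timestamp> <requestId> <LEVEL> <body>".
# Requiring a timestamp and a UUID skips platform lines (START/END/REPORT).
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2}T[\d:.]+Z)\s+([0-9a-f-]{36})\s+([A-Z]+)\s+(.*)$",
    re.DOTALL,
)
# @log has the form "<account id>:/aws/lambda/<function name>".
LOG_RE = re.compile(r":/aws/lambda/(.+)$")


def parse_event(event):
    """Turn one exported log event (dict) into a table row, or None."""
    match = LINE_RE.match(event["@message"])
    if match is None:
        return None
    timestamp, request_id, level, body = match.groups()
    error_message = body  # WARN lines carry plain text only
    brace = body.find("{")
    if brace != -1:
        try:
            payload = json.loads(body[brace:])
        except json.JSONDecodeError:
            payload = None  # a "{" in free text is not a JSON payload
        if isinstance(payload, dict) and "errorMessage" in payload:
            error_message = payload["errorMessage"]
    log_match = LOG_RE.search(event.get("@log", ""))
    return {
        "timestamp": timestamp,
        "requestId": request_id,
        "type": level,
        "errorMessage": error_message,
        "lambda": log_match.group(1) if log_match else None,
    }


# Sample events: the two messages from the question plus a constructed START line.
LOG = "XXXXXXX:/aws/lambda/lambda-name"
EVENTS = [
    {"@log": LOG, "@message": "2022-05-31T08:58:18.293Z b1266ad9-95aa-4c4e-9416-e86409f6455e WARN error catched and errorHandler configured, handling the error: Error: Error while executing handler: TypeError: Cannot read property 'replace' of undefined"},
    {"@log": LOG, "@message": '2022-05-30T13:33:57.406Z 8b5ec77c-fb30-4eb3-bd38-04a10abae403 ERROR Invoke Error {"errorType":"Error","errorMessage":"Error while executing configured error handler: Error: No body found in handler event","stack":["Error: Error while executing configured error handler: Error: No body found in handler event"," at Runtime.<anonymous> (/var/task/index.js:3180:15)"]}'},
    {"@log": LOG, "@message": "START RequestId: 8b5ec77c-fb30-4eb3-bd38-04a10abae403 Version: $LATEST"},
]
ROWS = [row for row in map(parse_event, EVENTS) if row is not None]
if __name__ == "__main__":
    print(*ROWS, sep="\n")
```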