String logGroupName
The name of the log group.
String kmsKeyId
The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data. This must be a symmetric KMS key. For more information, see Amazon Resource Names and Using Symmetric and Asymmetric Keys.
String taskId
The ID of the export task.
String taskName
The name of the export task.
String logGroupName
The name of the log group.
String logStreamNamePrefix
Export only log streams that match the provided prefix. If you don't specify a value, no prefix filter is applied.
Long from
The start time of the range for the request, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC. Events with a timestamp earlier than this time are not exported.
Long to
The end time of the range for the request, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than this time are not exported.
You must specify a time that is not earlier than when this log group was created.
String destination
The name of S3 bucket for the exported log data. The bucket must be in the same Amazon Web Services Region.
String destinationPrefix
The prefix used as the start of the key for every object exported. If you don't specify a value, the default is
exportedlogs.
String taskId
The ID of the export task.
String logGroupName
The name of the log group.
String kmsKeyId
The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data. For more information, see Amazon Resource Names.
SdkInternalMap<K,V> tags
The key-value pairs to use for the tags.
You can grant users access to certain log groups while preventing them from accessing other log groups. To do so,
tag your groups and use IAM policies that refer to those tags. To assign tags when you create a log group, you
must have either the logs:TagResource or logs:TagLogGroup permission. For more
information about tagging, see Tagging
Amazon Web Services resources. For more information about using tags to control access, see Controlling access to Amazon Web
Services resources using tags.
String expectedSequenceToken
String logGroupIdentifier
The name or ARN of the log group that you want to delete the data protection policy for.
String destinationName
The name of the destination.
String logGroupName
The name of the log group.
String queryDefinitionId
The ID of the query definition that you want to delete. You can use DescribeQueryDefinitions to retrieve the IDs of your saved query definitions.
Boolean success
A value of TRUE indicates that the operation succeeded. FALSE indicates that the operation failed.
String policyName
The name of the policy to be revoked. This parameter is required.
String logGroupName
The name of the log group.
String destinationNamePrefix
The prefix to match. If you don't specify a value, no prefix filter is applied.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default maximum value of 50 items is used.
SdkInternalList<T> destinations
The destinations.
String nextToken
String taskId
The ID of the export task. Specifying a task ID filters the results to one or zero export tasks.
String statusCode
The status code of the export task. Specifying a status code filters the results to zero or more export tasks.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default is up to 50 items.
SdkInternalList<T> exportTasks
The export tasks.
String nextToken
SdkInternalList<T> accountIdentifiers
When includeLinkedAccounts is set to True, use this parameter to specify the list of
accounts to search. You can specify as many as 20 account IDs in the array.
String logGroupNamePrefix
The prefix to match.
logGroupNamePrefix and logGroupNamePattern are mutually exclusive. Only one of these
parameters can be passed.
String logGroupNamePattern
If you specify a string for this parameter, the operation returns only log groups that have names that match the
string based on a case-sensitive substring search. For example, if you specify Foo, log groups named
FooBar, aws/Foo, and GroupFoo would match, but foo,
F/o/o and Froo would not match.
logGroupNamePattern and logGroupNamePrefix are mutually exclusive. Only one of these
parameters can be passed.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default is up to 50 items.
Boolean includeLinkedAccounts
If you are using a monitoring account, set this to True to have the operation return log groups in
the accounts listed in accountIdentifiers.
If this parameter is set to true and accountIdentifiers contains a null value, the
operation returns all log groups in the monitoring account and all log groups in all source accounts that are
linked to the monitoring account.
If you specify includeLinkedAccounts in your request, then metricFilterCount,
retentionInDays, and storedBytes are not included in the response.
SdkInternalList<T> logGroups
The log groups.
If the retentionInDays value is not included for a log group, then that log group's events do not
expire.
String nextToken
String logGroupName
The name of the log group.
You must include either logGroupIdentifier or logGroupName, but not both.
String logGroupIdentifier
Specify either the name or ARN of the log group to view. If the log group is in a source account and you are using a monitoring account, you must use the log group ARN.
You must include either logGroupIdentifier or logGroupName, but not both.
String logStreamNamePrefix
The prefix to match.
If orderBy is LastEventTime, you cannot specify this parameter.
String orderBy
If the value is LogStreamName, the results are ordered by log stream name. If the value is
LastEventTime, the results are ordered by the event time. The default value is
LogStreamName.
If you order the results by event time, you cannot specify the logStreamNamePrefix parameter.
lastEventTimestamp represents the time of the most recent log event in the log stream in CloudWatch
Logs. This number is expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
lastEventTimestamp updates on an eventual consistency basis. It typically updates in less than an
hour from ingestion, but in rare situations might take longer.
Boolean descending
If the value is true, results are returned in descending order. If the value is to false, results are returned in ascending order. The default value is false.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default is up to 50 items.
SdkInternalList<T> logStreams
The log streams.
String nextToken
String logGroupName
The name of the log group.
String filterNamePrefix
The prefix to match. CloudWatch Logs uses the value that you set here only if you also include the
logGroupName parameter in your request.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default is up to 50 items.
String metricName
Filters results to include only those with the specified metric name. If you include this parameter in your
request, you must also include the metricNamespace parameter.
String metricNamespace
Filters results to include only those in the specified namespace. If you include this parameter in your request,
you must also include the metricName parameter.
SdkInternalList<T> metricFilters
The metric filters.
String nextToken
String logGroupName
Limits the returned queries to only those for the specified log group.
String status
Limits the returned queries to only those that have the specified status. Valid values are Cancelled, Complete, Failed, Running, and Scheduled.
Integer maxResults
Limits the number of returned queries to the specified number.
String nextToken
SdkInternalList<T> queries
The list of queries that match the request.
String nextToken
String queryDefinitionNamePrefix
Use this parameter to filter your results to only the query definitions that have names that start with the prefix you specify.
Integer maxResults
Limits the number of returned query definitions to the specified number.
String nextToken
SdkInternalList<T> queryDefinitions
The list of query definitions that match your request.
String nextToken
SdkInternalList<T> resourcePolicies
The resource policies that exist in this account.
String nextToken
String logGroupName
The name of the log group.
String filterNamePrefix
The prefix to match. If you don't specify a value, no prefix filter is applied.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of items returned. If you don't specify a value, the default is up to 50 items.
SdkInternalList<T> subscriptionFilters
The subscription filters.
String nextToken
String destinationName
The name of the destination.
String targetArn
The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).
String roleArn
A role for impersonation, used when delivering log events to the target.
String accessPolicy
An IAM policy document that governs which Amazon Web Services accounts can create subscription filters against this destination.
String arn
The ARN of this destination.
Long creationTime
The creation time of the destination, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
String logGroupName
The name of the log group.
String taskId
The ID of the export task.
String taskName
The name of the export task.
String logGroupName
The name of the log group from which logs data was exported.
Long from
The start time, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. Events with
a timestamp before this time are not exported.
Long to
The end time, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. Events with a
timestamp later than this time are not exported.
String destination
The name of the S3 bucket to which the log data was exported.
String destinationPrefix
The prefix that was used as the start of Amazon S3 key for every object exported.
ExportTaskStatus status
The status of the export task.
ExportTaskExecutionInfo executionInfo
Execution information about the export task.
String logStreamName
The name of the log stream to which this event belongs.
Long timestamp
The time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
String message
The data contained in the log event.
Long ingestionTime
The time the event was ingested, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC.
String eventId
The ID of the event.
String logGroupName
The name of the log group to search.
You must include either logGroupIdentifier or logGroupName, but not both.
String logGroupIdentifier
Specify either the name or ARN of the log group to view log events from. If the log group is in a source account and you are using a monitoring account, you must use the log group ARN.
You must include either logGroupIdentifier or logGroupName, but not both.
SdkInternalList<T> logStreamNames
Filters the results to only logs from the log streams in this list.
If you specify a value for both logStreamNamePrefix and logStreamNames, the action
returns an InvalidParameterException error.
String logStreamNamePrefix
Filters the results to include only events from log streams that have names starting with this prefix.
If you specify a value for both logStreamNamePrefix and logStreamNames, but the value
for logStreamNamePrefix does not match any log stream names specified in logStreamNames
, the action returns an InvalidParameterException error.
Long startTime
The start of the time range, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Events with a timestamp before this time are not returned.
Long endTime
The end of the time range, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Events with a timestamp later than this time are not returned.
String filterPattern
The filter pattern to use. For more information, see Filter and Pattern Syntax.
If not provided, all the events are matched.
String nextToken
The token for the next set of events to return. (You received this token from a previous call.)
Integer limit
The maximum number of events to return. The default is 10,000 events.
Boolean interleaved
If the value is true, the operation attempts to provide responses that contain events from multiple log streams within the log group, interleaved in a single response. If the value is false, all the matched log events in the first log stream are searched first, then those in the next log stream, and so on.
Important As of June 17, 2019, this parameter is ignored and the value is assumed to be true. The response from this operation always interleaves events from multiple log streams within a log group.
Boolean unmask
Specify true to display the log event fields with all sensitive data unmasked and visible. The
default is false.
To use this operation with this parameter, you must be signed into an account with the logs:Unmask
permission.
SdkInternalList<T> events
The matched events.
SdkInternalList<T> searchedLogStreams
Important As of May 15, 2020, this parameter is no longer supported. This parameter returns an empty list.
Indicates which log streams have been searched and whether each has been searched completely.
String nextToken
The token to use when requesting the next set of items. The token expires after 24 hours.
String logGroupIdentifier
The name or ARN of the log group that contains the data protection policy that you want to see.
String logGroupName
The name of the log group.
You must include either logGroupIdentifier or logGroupName, but not both.
String logGroupIdentifier
Specify either the name or ARN of the log group to view events from. If the log group is in a source account and you are using a monitoring account, you must use the log group ARN.
You must include either logGroupIdentifier or logGroupName, but not both.
String logStreamName
The name of the log stream.
Long startTime
The start of the time range, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Events with a timestamp equal to this time or later than this time are included. Events with a timestamp earlier
than this time are not included.
Long endTime
The end of the time range, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Events with a timestamp equal to or later than this time are not included.
String nextToken
The token for the next set of items to return. (You received this token from a previous call.)
Integer limit
The maximum number of log events returned. If you don't specify a limit, the default is as many log events as can fit in a response size of 1 MB (up to 10,000 log events).
Boolean startFromHead
If the value is true, the earliest log events are returned first. If the value is false, the latest log events are returned first. The default value is false.
If you are using a previous nextForwardToken value as the nextToken in this operation,
you must specify true for startFromHead.
Boolean unmask
Specify true to display the log event fields with all sensitive data unmasked and visible. The
default is false.
To use this operation with this parameter, you must be signed into an account with the logs:Unmask
permission.
SdkInternalList<T> events
The events.
String nextForwardToken
The token for the next set of items in the forward direction. The token expires after 24 hours. If you have reached the end of the stream, it returns the same token you passed in.
String nextBackwardToken
The token for the next set of items in the backward direction. The token expires after 24 hours. This token is not null. If you have reached the end of the stream, it returns the same token you passed in.
String logGroupName
The name of the log group to search.
You must include either logGroupIdentifier or logGroupName, but not both.
Long time
The time to set as the center of the query. If you specify time, the 15 minutes before this time are
queries. If you omit time, the 8 minutes before and 8 minutes after this time are searched.
The time value is specified as epoch time, which is the number of seconds since
January 1, 1970, 00:00:00 UTC.
String logGroupIdentifier
Specify either the name or ARN of the log group to view. If the log group is in a source account and you are using a monitoring account, you must specify the ARN.
You must include either logGroupIdentifier or logGroupName, but not both.
SdkInternalList<T> logGroupFields
The array of fields found in the query. Each object in the array contains the name of the field, along with the percentage of time it appeared in the log events that were queried.
String logRecordPointer
The pointer corresponding to the log event record you want to retrieve. You get this from the response of a
GetQueryResults operation. In that response, the value of the @ptr field for a log
event is the value to use as logRecordPointer to retrieve that complete log event record.
Boolean unmask
Specify true to display the log event fields with all sensitive data unmasked and visible. The
default is false.
To use this operation with this parameter, you must be signed into an account with the logs:Unmask
permission.
SdkInternalMap<K,V> logRecord
The requested log event, as a JSON string.
String queryId
The ID number of the query.
SdkInternalList<T> results
The log events that matched the query criteria during the most recent time it ran.
The results value is an array of arrays. Each log event is one object in the top-level array. Each
of these log event objects is an array of field/value pairs.
QueryStatistics statistics
Includes the number of log events scanned by the query, the number of log events that matched the query criteria, and the total number of bytes in the log events that were scanned. These values reflect the full raw results of the query.
String status
The status of the most recent running of the query. Possible values are Cancelled,
Complete, Failed, Running, Scheduled, Timeout,
and Unknown.
Queries time out after 15 minutes of runtime. To avoid having your queries time out, reduce the time range being searched or partition your query into a number of queries.
String expectedSequenceToken
String resourceArn
The ARN of the resource that you want to view tags for.
The ARN format of a log group is
arn:aws:logs:Region:account-id:log-group:log-group-name
The ARN format of a destination is
arn:aws:logs:Region:account-id:destination:destination-name
For more information about ARN format, see CloudWatch Logs resources and operations.
SdkInternalMap<K,V> tags
The list of tags associated with the requested resource.>
String logGroupName
The name of the log group.
SdkInternalMap<K,V> tags
The tags for the log group.
String logGroupName
The name of the log group.
Long creationTime
The creation time of the log group, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Integer retentionInDays
Integer metricFilterCount
The number of metric filters.
String arn
The Amazon Resource Name (ARN) of the log group.
Long storedBytes
The number of bytes stored.
String kmsKeyId
The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data.
String dataProtectionStatus
Displays whether this log group has a protection policy, or whether it had one in the past. For more information, see PutDataProtectionPolicy.
String logStreamName
The name of the log stream.
Long creationTime
The creation time of the stream, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC.
Long firstEventTimestamp
The time of the first event, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
Long lastEventTimestamp
The time of the most recent log event in the log stream in CloudWatch Logs. This number is expressed as the
number of milliseconds after Jan 1, 1970 00:00:00 UTC. The lastEventTime value updates
on an eventual consistency basis. It typically updates in less than an hour from ingestion, but in rare
situations might take longer.
Long lastIngestionTime
The ingestion time, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC The
lastIngestionTime value updates on an eventual consistency basis. It typically updates in less than
an hour after ingestion, but in rare situations might take longer.
String uploadSequenceToken
The sequence token.
The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions are
always accepted regardless of receiving an invalid sequence token. You don't need to obtain
uploadSequenceToken to use a PutLogEvents action.
String arn
The Amazon Resource Name (ARN) of the log stream.
Long storedBytes
The number of bytes stored.
Important: As of June 17, 2019, this parameter is no longer supported for log streams, and is always
reported as zero. This change applies only to log streams. The storedBytes parameter for log groups
is not affected.
QueryCompileError queryCompileError
String filterName
The name of the metric filter.
String filterPattern
SdkInternalList<T> metricTransformations
The metric transformations.
Long creationTime
The creation time of the metric filter, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC.
String logGroupName
The name of the log group.
Long eventNumber
The event number.
String eventMessage
The raw event data.
SdkInternalMap<K,V> extractedValues
The values extracted from the event data by the filter.
String metricName
The name of the CloudWatch metric.
String metricNamespace
A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see Namespaces.
String metricValue
The value to publish to the CloudWatch metric when a filter pattern matches a log event.
Double defaultValue
(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.
SdkInternalMap<K,V> dimensions
The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.
Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not
specify high-cardinality fields such as IPAddress or requestID as dimensions. Each
different value found for a dimension is treated as a separate metric and accrues charges as a separate custom
metric.
CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.
You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see Creating a Billing Alarm to Monitor Your Estimated Amazon Web Services Charges.
String unit
The unit to assign to the metric. If you omit this, the unit is set as None.
Long timestamp
The time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.
String message
The data contained in the log event.
Long ingestionTime
The time the event was ingested, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC.
String logGroupIdentifier
Specify either the log group name or log group ARN.
String policyDocument
Specify the data protection policy, in JSON.
This policy must include two JSON blocks:
The first block must include both a DataIdentifer array and an Operation property with
an Audit action. The DataIdentifer array lists the types of sensitive data that you
want to mask. For more information about the available options, see Types of data
that you can mask.
The Operation property with an Audit action is required to find the sensitive data
terms. This Audit action must contain a FindingsDestination object. You can optionally
use that FindingsDestination object to list one or more destinations to send audit findings to. If
you specify destinations such as log groups, Kinesis Data Firehose streams, and S3 buckets, they must already
exist.
The second block must include both a DataIdentifer array and an Operation property with
an Deidentify action. The DataIdentifer array must exactly match the
DataIdentifer array in the first block of the policy.
The Operation property with the Deidentify action is what actually masks the data, and
it must contain the "MaskConfig": {} object. The "MaskConfig": {} object must be
empty.
For an example data protection policy, see the Examples section on this page.
The contents of two DataIdentifer arrays must match exactly.
String destinationName
A name for an existing destination.
String accessPolicy
An IAM policy document that authorizes cross-account users to deliver their log events to the associated destination. This can be up to 5120 bytes.
Boolean forceUpdate
Specify true if you are updating an existing destination policy to grant permission to an organization ID instead
of granting permission to individual AWS accounts. Before you update a destination policy this way, you must
first update the subscription filters in the accounts that send logs to this destination. If you do not, the
subscription filters might stop working. By specifying true for forceUpdate, you are
affirming that you have already updated the subscription filters. For more information, see
Updating an existing cross-account subscription
If you omit this parameter, the default of false is used.
String destinationName
A name for the destination.
String targetArn
The ARN of an Amazon Kinesis stream to which to deliver matching log events.
String roleArn
The ARN of an IAM role that grants CloudWatch Logs permissions to call the Amazon Kinesis PutRecord
operation on the destination stream.
SdkInternalMap<K,V> tags
An optional list of key-value pairs to associate with the resource.
For more information about tagging, see Tagging Amazon Web Services resources
Destination destination
The destination.
String logGroupName
The name of the log group.
String logStreamName
The name of the log stream.
SdkInternalList<T> logEvents
The log events.
String sequenceToken
The sequence token obtained from the response of the previous PutLogEvents call.
The sequenceToken parameter is now ignored in PutLogEvents actions.
PutLogEvents actions are now accepted and never return InvalidSequenceTokenException or
DataAlreadyAcceptedException even if the sequence token is not valid.
String nextSequenceToken
The next sequence token.
This field has been deprecated.
The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions are
always accepted even if the sequence token is not valid. You can use parallel PutLogEvents actions
on the same log stream and you do not need to wait for the response of a previous PutLogEvents
action to obtain the nextSequenceToken value.
RejectedLogEventsInfo rejectedLogEventsInfo
The rejected events.
String logGroupName
The name of the log group.
String filterName
A name for the metric filter.
String filterPattern
A filter pattern for extracting metric data out of ingested log events.
SdkInternalList<T> metricTransformations
A collection of information that defines how metric data gets emitted.
String name
A name for the query definition. If you are saving numerous query definitions, we recommend that you name them.
This way, you can find the ones you want by using the first part of the name as a filter in the
queryDefinitionNamePrefix parameter of DescribeQueryDefinitions.
String queryDefinitionId
If you are updating a query definition, use this parameter to specify the ID of the query definition that you want to update. You can use DescribeQueryDefinitions to retrieve the IDs of your saved query definitions.
If you are creating a query definition, do not specify this parameter. CloudWatch generates a unique ID for the new query definition and include it in the response to this operation.
SdkInternalList<T> logGroupNames
Use this parameter to include specific log groups as part of your query definition.
If you are updating a query definition and you omit this parameter, then the updated definition will contain no log groups.
String queryString
The query string to use for this definition. For more information, see CloudWatch Logs Insights Query Syntax.
String queryDefinitionId
The ID of the query definition.
String policyName
Name of the new policy. This parameter is required.
String policyDocument
Details of the new policy, including the identity of the principal that is enabled to put logs to this account. This is formatted as a JSON string. This parameter is required.
The following example creates a resource policy enabling the Route 53 service to put DNS query logs in to the
specified log group. Replace "logArn" with the ARN of your CloudWatch Logs resource, such as a log
group or log stream.
CloudWatch Logs also supports aws:SourceArn and aws:SourceAccount condition context keys.
In the example resource policy, you would replace the value of SourceArn with the resource making
the call from RouteĀ 53 to CloudWatch Logs. You would also replace the value of SourceAccount with
the Amazon Web Services account ID making that call.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs", "Effect": "Allow", "Principal": { "Service": [ "route53.amazonaws.com" ] }, "Action": "logs:PutLogEvents", "Resource": "logArn", "Condition": { "ArnLike": { "aws:SourceArn": "myRoute53ResourceArn" }, "StringEquals": { "aws:SourceAccount": "myAwsAccountId" } } } ] }
ResourcePolicy resourcePolicy
The new policy.
String logGroupName
The name of the log group.
String filterName
A name for the subscription filter. If you are updating an existing filter, you must specify the correct name in
filterName. To find the name of the filter currently associated with a log group, use DescribeSubscriptionFilters.
String filterPattern
A filter pattern for subscribing to a filtered stream of log events.
String destinationArn
The ARN of the destination to deliver matching log events to. Currently, the supported destinations are:
An Amazon Kinesis stream belonging to the same account as the subscription filter, for same-account delivery.
A logical destination (specified using an ARN) belonging to a different account, for cross-account delivery.
If you're setting up a cross-account subscription, the destination must have an IAM policy associated with it. The IAM policy must allow the sender to send logs to the destination. For more information, see PutDestinationPolicy.
A Kinesis Data Firehose delivery stream belonging to the same account as the subscription filter, for same-account delivery.
A Lambda function belonging to the same account as the subscription filter, for same-account delivery.
String roleArn
The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.
String distribution
The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to random for a more even distribution. This property is only applicable when the destination is an Amazon Kinesis data stream.
QueryCompileErrorLocation location
Reserved.
String message
Reserved.
String queryDefinitionId
The unique ID of the query definition.
String name
The name of the query definition.
String queryString
The query string to use for this definition. For more information, see CloudWatch Logs Insights Query Syntax.
Long lastModified
The date that the query definition was most recently modified.
SdkInternalList<T> logGroupNames
If this query definition contains a list of log groups that it is limited to, that list appears here.
String queryId
The unique ID number of this query.
String queryString
The query string used in this query.
String status
The status of this query. Possible values are Cancelled, Complete, Failed,
Running, Scheduled, and Unknown.
Long createTime
The date and time that this query was created.
String logGroupName
The name of the log group scanned by this query.
String logGroupName
The log group on which to perform the query.
A StartQuery operation must include exactly one of the following parameters:
logGroupName, logGroupNames or logGroupIdentifiers.
SdkInternalList<T> logGroupNames
The list of log groups to be queried. You can include up to 50 log groups.
A StartQuery operation must include exactly one of the following parameters:
logGroupName, logGroupNames or logGroupIdentifiers.
SdkInternalList<T> logGroupIdentifiers
The list of log groups to query. You can include up to 50 log groups.
You can specify them by the log group name or ARN. If a log group that you're querying is in a source account and you're using a monitoring account, you must specify the ARN of the log group here. The query definition must also be defined in the monitoring account.
If you specify an ARN, the ARN can't end with an asterisk (*).
A StartQuery operation must include exactly one of the following parameters:
logGroupName, logGroupNames or logGroupIdentifiers.
Long startTime
The beginning of the time range to query. The range is inclusive, so the specified start time is included in the
query. Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC.
Long endTime
The end of the time range to query. The range is inclusive, so the specified end time is included in the query.
Specified as epoch time, the number of seconds since January 1, 1970, 00:00:00 UTC.
String queryString
The query string to use. For more information, see CloudWatch Logs Insights Query Syntax.
Integer limit
The maximum number of log events to return in the query. If the query string uses the fields
command, only the specified fields and their values are returned. The default is 1000.
String queryId
The unique ID of the query.
String queryId
The ID number of the query to stop. To find this ID number, use DescribeQueries.
Boolean success
This is true if the query was stopped by the StopQuery operation.
String filterName
The name of the subscription filter.
String logGroupName
The name of the log group.
String filterPattern
String destinationArn
The Amazon Resource Name (ARN) of the destination.
String roleArn
String distribution
Long creationTime
The creation time of the subscription filter, expressed as the number of milliseconds after
Jan 1, 1970 00:00:00 UTC.
String logGroupName
The name of the log group.
SdkInternalMap<K,V> tags
The key-value pairs to use for the tags.
String resourceArn
The ARN of the resource that you're adding tags to.
The ARN format of a log group is
arn:aws:logs:Region:account-id:log-group:log-group-name
The ARN format of a destination is
arn:aws:logs:Region:account-id:destination:destination-name
For more information about ARN format, see CloudWatch Logs resources and operations.
SdkInternalMap<K,V> tags
The list of key-value pairs to associate with the resource.
String filterPattern
SdkInternalList<T> logEventMessages
The log event messages to test.
SdkInternalList<T> matches
The matched events.
String resourceName
The name of the resource.
String logGroupName
The name of the log group.
SdkInternalList<T> tags
The tag keys. The corresponding tags are removed from the log group.
String resourceArn
The ARN of the CloudWatch Logs resource that you're removing tags from.
The ARN format of a log group is
arn:aws:logs:Region:account-id:log-group:log-group-name
The ARN format of a destination is
arn:aws:logs:Region:account-id:destination:destination-name
For more information about ARN format, see CloudWatch Logs resources and operations.
SdkInternalList<T> tagKeys
The list of tag keys to remove from the resource.
Copyright © 2023. All rights reserved.