CloudWatchLogs

Table of Contents

Client

class CloudWatchLogs.Client

A low-level client representing Amazon CloudWatch Logs:

client = session.create_client('logs')

These are the available methods:

can_paginate(operation_name)

Check if an operation can be paginated.

Parameters:operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Returns:True if the operation can be paginated, False otherwise.
create_log_group(**kwargs)

Creates a new log group with the specified name. The name of the log group must be unique within a region for an AWS account. You can create up to 500 log groups per account.

You must use the following guidelines when naming a log group:

  • Log group names can be between 1 and 512 characters long.
  • Allowed characters are a-z, A-Z, 0-9, '_' (underscore), '-' (hyphen), '/' (forward slash), and '.' (period).

Request Syntax

response = client.create_log_group(
    logGroupName='string'
)
Parameters:logGroupName (string) --

[REQUIRED]

The name of the log group to create.

Returns:None
create_log_stream(**kwargs)

Creates a new log stream in the specified log group. The name of the log stream must be unique within the log group. There is no limit on the number of log streams that can exist in a log group.

You must use the following guidelines when naming a log stream:

  • Log stream names can be between 1 and 512 characters long.
  • The ':' colon character is not allowed.

Request Syntax

response = client.create_log_stream(
    logGroupName='string',
    logStreamName='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group under which the log stream is to be created.

  • logStreamName (string) --

    [REQUIRED]

    The name of the log stream to create.

Returns:

None

delete_destination(**kwargs)

Deletes the destination with the specified name and eventually disables all the subscription filters that publish to it. This will not delete the physical resource encapsulated by the destination.

Request Syntax

response = client.delete_destination(
    destinationName='string'
)
Parameters:destinationName (string) --

[REQUIRED]

The name of destination to delete.

Returns:None
delete_log_group(**kwargs)

Deletes the log group with the specified name and permanently deletes all the archived log events associated with it.

Request Syntax

response = client.delete_log_group(
    logGroupName='string'
)
Parameters:logGroupName (string) --

[REQUIRED]

The name of the log group to delete.

Returns:None
delete_log_stream(**kwargs)

Deletes a log stream and permanently deletes all the archived log events associated with it.

Request Syntax

response = client.delete_log_stream(
    logGroupName='string',
    logStreamName='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group under which the log stream to delete belongs.

  • logStreamName (string) --

    [REQUIRED]

    The name of the log stream to delete.

Returns:

None

delete_metric_filter(**kwargs)

Deletes a metric filter associated with the specified log group.

Request Syntax

response = client.delete_metric_filter(
    logGroupName='string',
    filterName='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group that is associated with the metric filter to delete.

  • filterName (string) --

    [REQUIRED]

    The name of the metric filter to delete.

Returns:

None

delete_retention_policy(**kwargs)

Deletes the retention policy of the specified log group. Log events would not expire if they belong to log groups without a retention policy.

Request Syntax

response = client.delete_retention_policy(
    logGroupName='string'
)
Parameters:logGroupName (string) --

[REQUIRED]

The name of the log group that is associated with the retention policy to delete.

Returns:None
delete_subscription_filter(**kwargs)

Deletes a subscription filter associated with the specified log group.

Request Syntax

response = client.delete_subscription_filter(
    logGroupName='string',
    filterName='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group that is associated with the subscription filter to delete.

  • filterName (string) --

    [REQUIRED]

    The name of the subscription filter to delete.

Returns:

None

describe_destinations(**kwargs)

Returns all the destinations that are associated with the AWS account making the request. The list returned in the response is ASCII-sorted by destination name.

By default, this operation returns up to 50 destinations. If there are more destinations to list, the response would contain a nextToken value in the response body. You can also limit the number of destinations returned in the response by specifying the limit parameter in the request.

Request Syntax

response = client.describe_destinations(
    DestinationNamePrefix='string',
    nextToken='string',
    limit=123
)
Parameters:
  • DestinationNamePrefix (string) -- Will only return destinations that match the provided destinationNamePrefix. If you don't specify a value, no prefix is applied.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.
  • limit (integer) -- The maximum number of results to return.
Return type:

dict

Returns:

Response Syntax

{
    'destinations': [
        {
            'destinationName': 'string',
            'targetArn': 'string',
            'roleArn': 'string',
            'accessPolicy': 'string',
            'arn': 'string',
            'creationTime': 123
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • destinations (list) --

      • (dict) --

        • destinationName (string) --

        • targetArn (string) --

        • roleArn (string) --

        • accessPolicy (string) --

        • arn (string) --

        • creationTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

    • nextToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

describe_log_groups(**kwargs)

Returns all the log groups that are associated with the AWS account making the request. The list returned in the response is ASCII-sorted by log group name.

By default, this operation returns up to 50 log groups. If there are more log groups to list, the response would contain a nextToken value in the response body. You can also limit the number of log groups returned in the response by specifying the limit parameter in the request.

Request Syntax

response = client.describe_log_groups(
    logGroupNamePrefix='string',
    nextToken='string',
    limit=123
)
Parameters:
  • logGroupNamePrefix (string) -- Will only return log groups that match the provided logGroupNamePrefix. If you don't specify a value, no prefix filter is applied.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous DescribeLogGroups request.
  • limit (integer) -- The maximum number of items returned in the response. If you don't specify a value, the request would return up to 50 items.
Return type:

dict

Returns:

Response Syntax

{
    'logGroups': [
        {
            'logGroupName': 'string',
            'creationTime': 123,
            'retentionInDays': 123,
            'metricFilterCount': 123,
            'arn': 'string',
            'storedBytes': 123
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • logGroups (list) --

      A list of log groups.

      • (dict) --

        • logGroupName (string) --

        • creationTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • retentionInDays (integer) --

          Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653.

        • metricFilterCount (integer) --

          The number of metric filters associated with the log group.

        • arn (string) --

        • storedBytes (integer) --

    • nextToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

describe_log_streams(**kwargs)

Returns all the log streams that are associated with the specified log group. The list returned in the response is ASCII-sorted by log stream name.

By default, this operation returns up to 50 log streams. If there are more log streams to list, the response would contain a nextToken value in the response body. You can also limit the number of log streams returned in the response by specifying the limit parameter in the request. This operation has a limit of five transactions per second, after which transactions are throttled.

Request Syntax

response = client.describe_log_streams(
    logGroupName='string',
    logStreamNamePrefix='string',
    orderBy='LogStreamName'|'LastEventTime',
    descending=True|False,
    nextToken='string',
    limit=123
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The log group name for which log streams are to be listed.

  • logStreamNamePrefix (string) -- Will only return log streams that match the provided logStreamNamePrefix. If you don't specify a value, no prefix filter is applied.
  • orderBy (string) -- Specifies what to order the returned log streams by. Valid arguments are 'LogStreamName' or 'LastEventTime'. If you don't specify a value, results are ordered by LogStreamName. If 'LastEventTime' is chosen, the request cannot also contain a logStreamNamePrefix.
  • descending (boolean) -- If set to true, results are returned in descending order. If you don't specify a value or set it to false, results are returned in ascending order.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous DescribeLogStreams request.
  • limit (integer) -- The maximum number of items returned in the response. If you don't specify a value, the request would return up to 50 items.
Return type:

dict

Returns:

Response Syntax

{
    'logStreams': [
        {
            'logStreamName': 'string',
            'creationTime': 123,
            'firstEventTimestamp': 123,
            'lastEventTimestamp': 123,
            'lastIngestionTime': 123,
            'uploadSequenceToken': 'string',
            'arn': 'string',
            'storedBytes': 123
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • logStreams (list) --

      A list of log streams.

      • (dict) --

        A log stream is sequence of log events from a single emitter of logs.

        • logStreamName (string) --

        • creationTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • firstEventTimestamp (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • lastEventTimestamp (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • lastIngestionTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • uploadSequenceToken (string) --

          A string token used for making PutLogEvents requests. A sequenceToken can only be used once, and PutLogEvents requests must include the sequenceToken obtained from the response of the previous request.

        • arn (string) --

        • storedBytes (integer) --

    • nextToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

describe_metric_filters(**kwargs)

Returns all the metrics filters associated with the specified log group. The list returned in the response is ASCII-sorted by filter name.

By default, this operation returns up to 50 metric filters. If there are more metric filters to list, the response would contain a nextToken value in the response body. You can also limit the number of metric filters returned in the response by specifying the limit parameter in the request.

Request Syntax

response = client.describe_metric_filters(
    logGroupName='string',
    filterNamePrefix='string',
    nextToken='string',
    limit=123
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The log group name for which metric filters are to be listed.

  • filterNamePrefix (string) -- Will only return metric filters that match the provided filterNamePrefix. If you don't specify a value, no prefix filter is applied.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous DescribeMetricFilters request.
  • limit (integer) -- The maximum number of items returned in the response. If you don't specify a value, the request would return up to 50 items.
Return type:

dict

Returns:

Response Syntax

{
    'metricFilters': [
        {
            'filterName': 'string',
            'filterPattern': 'string',
            'metricTransformations': [
                {
                    'metricName': 'string',
                    'metricNamespace': 'string',
                    'metricValue': 'string'
                },
            ],
            'creationTime': 123
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • metricFilters (list) --

      • (dict) --

        Metric filters can be used to express how Amazon CloudWatch Logs would extract metric observations from ingested log events and transform them to metric data in a CloudWatch metric.

        • filterName (string) --

          A name for a metric or subscription filter.

        • filterPattern (string) --

          A symbolic description of how Amazon CloudWatch Logs should interpret the data in each log event. For example, a log event may contain timestamps, IP addresses, strings, and so on. You use the filter pattern to specify what to look for in the log event message.

        • metricTransformations (list) --

          • (dict) --

            • metricName (string) --

              The name of the CloudWatch metric to which the monitored log information should be published. For example, you may publish to a metric called ErrorCount.

            • metricNamespace (string) --

              The destination namespace of the new CloudWatch metric.

            • metricValue (string) --

              What to publish to the metric. For example, if you're counting the occurrences of a particular term like "Error", the value will be "1" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event.

        • creationTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

    • nextToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

describe_subscription_filters(**kwargs)

Returns all the subscription filters associated with the specified log group. The list returned in the response is ASCII-sorted by filter name.

By default, this operation returns up to 50 subscription filters. If there are more subscription filters to list, the response would contain a nextToken value in the response body. You can also limit the number of subscription filters returned in the response by specifying the limit parameter in the request.

Request Syntax

response = client.describe_subscription_filters(
    logGroupName='string',
    filterNamePrefix='string',
    nextToken='string',
    limit=123
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The log group name for which subscription filters are to be listed.

  • filterNamePrefix (string) -- Will only return subscription filters that match the provided filterNamePrefix. If you don't specify a value, no prefix filter is applied.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.
  • limit (integer) -- The maximum number of results to return.
Return type:

dict

Returns:

Response Syntax

{
    'subscriptionFilters': [
        {
            'filterName': 'string',
            'logGroupName': 'string',
            'filterPattern': 'string',
            'destinationArn': 'string',
            'roleArn': 'string',
            'creationTime': 123
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • subscriptionFilters (list) --

      • (dict) --

        • filterName (string) --

          A name for a metric or subscription filter.

        • logGroupName (string) --

        • filterPattern (string) --

          A symbolic description of how Amazon CloudWatch Logs should interpret the data in each log event. For example, a log event may contain timestamps, IP addresses, strings, and so on. You use the filter pattern to specify what to look for in the log event message.

        • destinationArn (string) --

        • roleArn (string) --

        • creationTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

    • nextToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

filter_log_events(**kwargs)

Retrieves log events, optionally filtered by a filter pattern from the specified log group. You can provide an optional time range to filter the results on the event timestamp . You can limit the streams searched to an explicit list of logStreamNames .

By default, this operation returns as much matching log events as can fit in a response size of 1MB, up to 10,000 log events, or all the events found within a time-bounded scan window. If the response includes a nextToken , then there is more data to search, and the search can be resumed with a new request providing the nextToken. The response will contain a list of searchedLogStreams that contains information about which streams were searched in the request and whether they have been searched completely or require further pagination. The limit parameter in the request. can be used to specify the maximum number of events to return in a page.

Request Syntax

response = client.filter_log_events(
    logGroupName='string',
    logStreamNames=[
        'string',
    ],
    startTime=123,
    endTime=123,
    filterPattern='string',
    nextToken='string',
    limit=123,
    interleaved=True|False
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to query.

  • logStreamNames (list) --

    Optional list of log stream names within the specified log group to search. Defaults to all the log streams in the log group.

    • (string) --
  • startTime (integer) -- A unix timestamp indicating the start time of the range for the request. If provided, events with a timestamp prior to this time will not be returned.
  • endTime (integer) -- A unix timestamp indicating the end time of the range for the request. If provided, events with a timestamp later than this time will not be returned.
  • filterPattern (string) -- A valid CloudWatch Logs filter pattern to use for filtering the response. If not provided, all the events are matched.
  • nextToken (string) -- A pagination token obtained from a FilterLogEvents response to continue paginating the FilterLogEvents results.
  • limit (integer) -- The maximum number of events to return in a page of results. Default is 10,000 events.
  • interleaved (boolean) -- If provided, the API will make a best effort to provide responses that contain events from multiple log streams within the log group interleaved in a single response. If not provided, all the matched log events in the first log stream will be searched first, then those in the next log stream, etc.
Return type:

dict

Returns:

Response Syntax

{
    'events': [
        {
            'logStreamName': 'string',
            'timestamp': 123,
            'message': 'string',
            'ingestionTime': 123,
            'eventId': 'string'
        },
    ],
    'searchedLogStreams': [
        {
            'logStreamName': 'string',
            'searchedCompletely': True|False
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • events (list) --

      A list of FilteredLogEvent objects representing the matched events from the request.

      • (dict) --

        Represents a matched event from a FilterLogEvents request.

        • logStreamName (string) --

          The name of the log stream this event belongs to.

        • timestamp (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • message (string) --

          The data contained in the log event.

        • ingestionTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • eventId (string) --

          A unique identifier for this event.

    • searchedLogStreams (list) --

      A list of SearchedLogStream objects indicating which log streams have been searched in this request and whether each has been searched completely or still has more to be paginated.

      • (dict) --

        An object indicating the search status of a log stream in a FilterLogEvents request.

        • logStreamName (string) --

          The name of the log stream.

        • searchedCompletely (boolean) --

          Indicates whether all the events in this log stream were searched or more data exists to search by paginating further.

    • nextToken (string) --

      A pagination token obtained from a FilterLogEvents response to continue paginating the FilterLogEvents results.

generate_presigned_url(ClientMethod, Params=None, ExpiresIn=3600, HttpMethod=None)

Generate a presigned url given a client, its method, and arguments

Parameters:
  • ClientMethod (string) -- The client method to presign for
  • Params (dict) -- The parameters normally passed to ClientMethod.
  • ExpiresIn (int) -- The number of seconds the presigned url is valid for. By default it expires in an hour (3600 seconds)
  • HttpMethod (string) -- The http method to use on the generated url. By default, the http method is whatever is used in the method's model.
Returns:

The presigned url

get_log_events(**kwargs)

Retrieves log events from the specified log stream. You can provide an optional time range to filter the results on the event timestamp .

By default, this operation returns as much log events as can fit in a response size of 1MB, up to 10,000 log events. The response will always include a nextForwardToken and a nextBackwardToken in the response body. You can use any of these tokens in subsequent GetLogEvents requests to paginate through events in either forward or backward direction. You can also limit the number of log events returned in the response by specifying the limit parameter in the request.

Request Syntax

response = client.get_log_events(
    logGroupName='string',
    logStreamName='string',
    startTime=123,
    endTime=123,
    nextToken='string',
    limit=123,
    startFromHead=True|False
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to query.

  • logStreamName (string) --

    [REQUIRED]

    The name of the log stream to query.

  • startTime (integer) -- A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.
  • endTime (integer) -- A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.
  • nextToken (string) -- A string token used for pagination that points to the next page of results. It must be a value obtained from the nextForwardToken or nextBackwardToken fields in the response of the previous GetLogEvents request.
  • limit (integer) -- The maximum number of log events returned in the response. If you don't specify a value, the request would return as many log events as can fit in a response size of 1MB, up to 10,000 log events.
  • startFromHead (boolean) -- If set to true, the earliest log events would be returned first. The default is false (the latest log events are returned first).
Return type:

dict

Returns:

Response Syntax

{
    'events': [
        {
            'timestamp': 123,
            'message': 'string',
            'ingestionTime': 123
        },
    ],
    'nextForwardToken': 'string',
    'nextBackwardToken': 'string'
}

Response Structure

  • (dict) --

    • events (list) --

      • (dict) --

        • timestamp (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

        • message (string) --

        • ingestionTime (integer) --

          A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

    • nextForwardToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

    • nextBackwardToken (string) --

      A string token used for pagination that points to the next page of results. It must be a value obtained from the response of the previous request. The token expires after 24 hours.

get_paginator(operation_name)

Create a paginator for an operation.

Parameters:operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Raises OperationNotPageableError:
 Raised if the operation is not pageable. You can use the client.can_paginate method to check if an operation is pageable.
Return type:L{botocore.paginate.Paginator}
Returns:A paginator object.
get_waiter(waiter_name)
put_destination(**kwargs)

Creates or updates a Destination . A destination encapsulates a physical resource (such as a Kinesis stream) and allows you to subscribe to a real-time stream of log events of a different account, ingested through PutLogEvents requests. Currently, the only supported physical resource is a Amazon Kinesis stream belonging to the same account as the destination.

A destination controls what is written to its Amazon Kinesis stream through an access policy. By default, PutDestination does not set any access policy with the destination, which means a cross-account user will not be able to call PutSubscriptionFilter against this destination. To enable that, the destination owner must call PutDestinationPolicy after PutDestination.

Request Syntax

response = client.put_destination(
    destinationName='string',
    targetArn='string',
    roleArn='string'
)
Parameters:
  • destinationName (string) --

    [REQUIRED]

    A name for the destination.

  • targetArn (string) --

    [REQUIRED]

    The ARN of an Amazon Kinesis stream to deliver matching log events to.

  • roleArn (string) --

    [REQUIRED]

    The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to do Amazon Kinesis PutRecord requests on the desitnation stream.

Return type:

dict

Returns:

Response Syntax

{
    'destination': {
        'destinationName': 'string',
        'targetArn': 'string',
        'roleArn': 'string',
        'accessPolicy': 'string',
        'arn': 'string',
        'creationTime': 123
    }
}

Response Structure

  • (dict) --

    • destination (dict) --

      • destinationName (string) --

      • targetArn (string) --

      • roleArn (string) --

      • accessPolicy (string) --

      • arn (string) --

      • creationTime (integer) --

        A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

put_destination_policy(**kwargs)

Creates or updates an access policy associated with an existing Destination . An access policy is an IAM policy document that is used to authorize claims to register a subscription filter against a given destination.

Request Syntax

response = client.put_destination_policy(
    destinationName='string',
    accessPolicy='string'
)
Parameters:
  • destinationName (string) --

    [REQUIRED]

    A name for an existing destination.

  • accessPolicy (string) --

    [REQUIRED]

    An IAM policy document that authorizes cross-account users to deliver their log events to associated destination.

Returns:

None

put_log_events(**kwargs)

Uploads a batch of log events to the specified log stream.

Every PutLogEvents request must include the sequenceToken obtained from the response of the previous request. An upload in a newly created log stream does not require a sequenceToken .

The batch of events must satisfy the following constraints:

  • The maximum batch size is 1,048,576 bytes, and this size is calculated as the sum of all event messages in UTF-8, plus 26 bytes for each log event.
  • None of the log events in the batch can be more than 2 hours in the future.
  • None of the log events in the batch can be older than 14 days or the retention period of the log group.
  • The log events in the batch must be in chronological ordered by their timestamp .
  • The maximum number of log events in a batch is 10,000.

Request Syntax

response = client.put_log_events(
    logGroupName='string',
    logStreamName='string',
    logEvents=[
        {
            'timestamp': 123,
            'message': 'string'
        },
    ],
    sequenceToken='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to put log events to.

  • logStreamName (string) --

    [REQUIRED]

    The name of the log stream to put log events to.

  • logEvents (list) --

    [REQUIRED]

    A list of log events belonging to a log stream.

    • (dict) --

      A log event is a record of some activity that was recorded by the application or resource being monitored. The log event record that Amazon CloudWatch Logs understands contains two properties: the timestamp of when the event occurred, and the raw event message.

      • timestamp (integer) -- [REQUIRED]

        A point in time expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.

      • message (string) -- [REQUIRED]
  • sequenceToken (string) -- A string token that must be obtained from the response of the previous PutLogEvents request.
Return type:

dict

Returns:

Response Syntax

{
    'nextSequenceToken': 'string',
    'rejectedLogEventsInfo': {
        'tooNewLogEventStartIndex': 123,
        'tooOldLogEventEndIndex': 123,
        'expiredLogEventEndIndex': 123
    }
}

Response Structure

  • (dict) --

    • nextSequenceToken (string) --

      A string token used for making PutLogEvents requests. A sequenceToken can only be used once, and PutLogEvents requests must include the sequenceToken obtained from the response of the previous request.

    • rejectedLogEventsInfo (dict) --

      • tooNewLogEventStartIndex (integer) --
      • tooOldLogEventEndIndex (integer) --
      • expiredLogEventEndIndex (integer) --

put_metric_filter(**kwargs)

Creates or updates a metric filter and associates it with the specified log group. Metric filters allow you to configure rules to extract metric data from log events ingested through PutLogEvents requests.

The maximum number of metric filters that can be associated with a log group is 100.

Request Syntax

response = client.put_metric_filter(
    logGroupName='string',
    filterName='string',
    filterPattern='string',
    metricTransformations=[
        {
            'metricName': 'string',
            'metricNamespace': 'string',
            'metricValue': 'string'
        },
    ]
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to associate the metric filter with.

  • filterName (string) --

    [REQUIRED]

    A name for the metric filter.

  • filterPattern (string) --

    [REQUIRED]

    A valid CloudWatch Logs filter pattern for extracting metric data out of ingested log events.

  • metricTransformations (list) --

    [REQUIRED]

    A collection of information needed to define how metric data gets emitted.

    • (dict) --
      • metricName (string) -- [REQUIRED]

        The name of the CloudWatch metric to which the monitored log information should be published. For example, you may publish to a metric called ErrorCount.

      • metricNamespace (string) -- [REQUIRED]

        The destination namespace of the new CloudWatch metric.

      • metricValue (string) -- [REQUIRED]

        What to publish to the metric. For example, if you're counting the occurrences of a particular term like "Error", the value will be "1" for each occurrence. If you're counting the bytes transferred the published value will be the value in the log event.

Returns:

None

put_retention_policy(**kwargs)

Sets the retention of the specified log group. A retention policy allows you to configure the number of days you want to retain log events in the specified log group.

Request Syntax

response = client.put_retention_policy(
    logGroupName='string',
    retentionInDays=123
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to associate the retention policy with.

  • retentionInDays (integer) --

    [REQUIRED]

    Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653.

Returns:

None

put_subscription_filter(**kwargs)

Creates or updates a subscription filter and associates it with the specified log group. Subscription filters allow you to subscribe to a real-time stream of log events ingested through PutLogEvents requests and have them delivered to a specific destination. Currently, the supported destinations are:

  • A Amazon Kinesis stream belonging to the same account as the subscription filter, for same-account delivery.
  • A logical destination (used via an ARN of Destination ) belonging to a different account, for cross-account delivery.

Currently there can only be one subscription filter associated with a log group.

Request Syntax

response = client.put_subscription_filter(
    logGroupName='string',
    filterName='string',
    filterPattern='string',
    destinationArn='string',
    roleArn='string'
)
Parameters:
  • logGroupName (string) --

    [REQUIRED]

    The name of the log group to associate the subscription filter with.

  • filterName (string) --

    [REQUIRED]

    A name for the subscription filter.

  • filterPattern (string) --

    [REQUIRED]

    A valid CloudWatch Logs filter pattern for subscribing to a filtered stream of log events.

  • destinationArn (string) --

    [REQUIRED]

    The ARN of the destination to deliver matching log events to. Currently, the supported destinations are:

    • A Amazon Kinesis stream belonging to the same account as the subscription filter, for same-account delivery.
    • A logical destination (used via an ARN of Destination ) belonging to a different account, for cross-account delivery.
  • roleArn (string) -- The ARN of an IAM role that grants Amazon CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination (used via an ARN of Destination ) for cross-account delivery.
Returns:

None

test_metric_filter(**kwargs)

Tests the filter pattern of a metric filter against a sample of log event messages. You can use this operation to validate the correctness of a metric filter pattern.

Request Syntax

response = client.test_metric_filter(
    filterPattern='string',
    logEventMessages=[
        'string',
    ]
)
Parameters:
  • filterPattern (string) --

    [REQUIRED]

    A symbolic description of how Amazon CloudWatch Logs should interpret the data in each log event. For example, a log event may contain timestamps, IP addresses, strings, and so on. You use the filter pattern to specify what to look for in the log event message.

  • logEventMessages (list) --

    [REQUIRED]

    A list of log event messages to test.

    • (string) --
Return type:

dict

Returns:

Response Syntax

{
    'matches': [
        {
            'eventNumber': 123,
            'eventMessage': 'string',
            'extractedValues': {
                'string': 'string'
            }
        },
    ]
}

Response Structure

  • (dict) --
    • matches (list) --
      • (dict) --
        • eventNumber (integer) --
        • eventMessage (string) --
        • extractedValues (dict) --
          • (string) --
            • (string) --