CloudWatchLogs client

Description

Allows running cloudwatch insight queries from within vscode. Removes the hussle of switching accounts when queries differante environments logs.

Syntax

each query should looks like the following:

env;regions;log-group-name;duration[;max-results]
fields @timestamp, Level, MessageTemplate
| sort @timestamp desc
| limit 10

env: name of environment to query, should usually correspond with aws shared credentials profile that will be used to run the query
regions: the regions to run the query in (comma seperated). eg. 'us-east-1' or 'us-east-1,use-east-2' (without the quotes).
log-group-name: the log group to query, you can specify multiple names with "," as seperator or using wildcards ("*")
duration: the time range in duration human readable syntax, eg. 1h, 30m, 2d etc.. Its also support explicit time range with "->". For example, 2020-09-03T01:40+00:00->2020-09-03T01:50+00:00 (omit the +00 to use local time)
max-results: optional, the maximum results to fatch from the server (defaults to 1000, requires the setting seperator to be ';')

Since version 0.4 the setting seperator chnaged from ':' to ';' (to support the optional 'max-results')

'#' at the beginning of the line mark the line as ignored
'#@' at the beginning of a line will set the results tab's title

Usage

just make sure your curser is somewhere inside a query and press ctrl+enter or run vscode command Execute CloudWatchlogs query simpleQuery

you can also highlight any part of existing query (as long as it contains the first line of args as mentions before) selectedQuery

click the magnifying glass button to open the log record in new page.
this will also format json values openLogRecord

seperate vscode container view allows you to save query files for easy access.
right click query file to open in new column contianerView

results view allows you to edit the query before refreshing the results editQuery

AWS Authentication

CloudWatchLogs client will use the env parameter as the aws shared credentials profile to use.
when no profile exists by that name, CloudWatchLogs client will fallback to AWS environment variables

CloudWatchLogs client will store the credentials in memmory until they expire and only then will try to
require new ones.

required permission for the active credentials are:

logs:DescribeLogGroups
logs:StartQuery
logs:GetQueryResults

if you need to run some executable in order to prepare the share credentials profile, you can configure authentication command in the extension setting. The authentication command will be the first step each time the client tries to regain the credentials. settings

CloudWatchLogs client

dorki