Type operation log-query

Must be executed asynchronously

Query CloudWatch to get log records for the Web servers or one of the lambdas

Applies to: AuditEvent

In parameters

Name Cardinality Type Documentation
end 1..1 Instant

End date of the log records
filter 0..1 String

Optional filter for the log entries, using the CloudWatch log insight filter syntax (without the 'filter' keyword)
limit 0..1 PositiveInt

Optional maximum number of log records to return. Defaults to 10,000 - that is also its maximum value
order 0..1 Code

Entries time ordering: either Asc for oldest first or Desc for newest first. Defaults to Desc.
source 0..1 Code

Which log source to use (one of WebServer|LambdaMap|LambdaIndex|LambdaQueueAgent. Defaults to WebServer
start 1..1 Instant

Start date of the log records

Out parameters

Name Cardinality Type Documentation
r 0..*

Returned matching record
t 1..1 Instant

Record event date and time
l 0..1 Code

Record event level: Debug, Information, Warning, Error etc. Optional, defaults to Information
m 1..1 String

Record event message
ptr 1..1 String

Record pointer. Use it to retrieve the full record using the $log-record operation
records-matched 1..1 Decimal

Number of records that matched the query
records-scanned 1..1 Decimal

Total number of records that have been scanned by the query