CloudWatch Insights

Overview

CloudWatch Logs Insights is a powerful tool for searching, analyzing, and troubleshooting log data stored in Amazon CloudWatch Logs. It helps you efficiently diagnose operational issues and validate fixes by enabling interactive queries.

Key Features:

1. Interactive Queries:

   • Use a purpose-built query language with commands tailored for log analysis.

   • Includes sample queries, autocompletion, and log field discovery to assist users.

2. Field Discovery & AI Assistance:

   • Automatically discovers fields in logs from AWS services (e.g., Route 53, Lambda, CloudTrail, VPC).

   • Supports logs in JSON format from custom or application logs.

   • Natural language support allows users to describe their query needs, and the system generates a query along with an explanation.

3. Cross-Account Observability:

   • In cross-account observability setups, users can query logs from multiple accounts and log groups through a monitoring account.

4. Query Limits and Performance:

   • A single query can search up to 50 log groups across accounts.

   • Queries time out after 60 minutes if not completed.

   • Results are retained for 7 days, and queries can be saved for future reuse.

5. Billing:

   • Charges are based on the amount of data queried. For more information, see Amazon CloudWatch pricing.

6. Availability:

   • Logs must have been collected after November 5, 2018, to be accessible through Logs Insights.

   • Queries can only access events created after the log group was established.