1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
2
You can search using log insights as follows: (Replace your text to search)
fields @timestamp, @message
| filter @message like /your text to search/
| sort @timestamp desc
| limit 20
EDIT
Try this too
fields @timestamp, @message
| filter strcontains(@message, "status=400")
| sort @timestamp desc
| limit 20
관련 콘텐츠
AWS 공식업데이트됨 일 년 전- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 8달 전
Hi Gary thank you for you quick response its really appreciated. i have run run it with adding my parameters but output is like this "Showing 0 of 0 records matched " it means no any records contain status=400. right.
Is your text status=400 in double quotes? Have you looked in the logs and tried searching for something you know thats there to test your search script? Have you also set the search time duration to say 1 day etc?
I have used this query.
fields @timestamp, @message | filter @message like /status=400/ | sort @timestamp desc | limit 20
i have select time duration as 1 hour , 1 week but it did not get any result , only gets this "Showing 0 of 0 records matched " after that i have replace the status code to 200 because known logs are there with status=200 then also did not get any result !
Try this instead
Hi Gary its worked thank you for your support its appreciated. I have change it like this way because first i have identify there no 400 errors from this message "Showing 0 of 0 records matched ", there is 401 and 201 codes. again thank you so much.
fields @timestamp | display @timestamp, errorMessage, status!="200" as ERROR