The AWS::Logs::MetricFilter
resource specifies a metric filter that describes how CWL extracts information from logs and transforms it into Amazon CloudWatch metrics. If you have multiple metric filters that are associated with a log group, all the filters are applied to the log streams in that group.
The maximum number of metric filters that can be associated with a log group is 100.
To create Amazon CloudWatch log metric filter
resource "awscc_logs_metric_filter" "this" {
filter_name = "SamplePattern"
filter_pattern = ""
log_group_name = awscc_logs_log_group.this.id
metric_transformations = [{
metric_name = "EventCount"
metric_namespace = "YourNamespace"
metric_value = "1"
}]
}
resource "awscc_logs_log_group" "this" {
log_group_name = "SampleLogGroup"
retention_in_days = 90
tags = [
{
key = "Name"
value = "SampleLogGroup"
},
{
key = "Environment"
value = "Development"
},
{
key = "Modified By"
value = "AWSCC"
}
]
}
filter_pattern
(String) A filter pattern for extracting metric data out of ingested log events. For more information, see Filter and Pattern Syntax.log_group_name
(String) The name of an existing log group that you want to associate with this metric filter.metric_transformations
(Attributes List) The metric transformations. (see below for nested schema)filter_name
(String) The name of the metric filter.id
(String) Uniquely identifies the resource.metric_transformations
Required:
metric_name
(String) The name of the CloudWatch metric.metric_namespace
(String) A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see Namespaces.metric_value
(String) The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like Error
, specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as $.size
.Optional:
default_value
(Number) (Optional) The value to emit when a filter pattern does not match a log event. This value can be null.dimensions
(Attributes Set) The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.
Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as IPAddress
or requestID
as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.
CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.
You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see Creating a Billing Alarm to Monitor Your Estimated Charges. (see below for nested schema)unit
(String) The unit to assign to the metric. If you omit this, the unit is set as None
.metric_transformations.dimensions
Required:
key
(String) The name for the CW metric dimension that the metric filter creates.
Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).value
(String) The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, $.eventType
for JSON log events, or $server
for space-delimited log events.Import is supported using the following syntax:
$ terraform import awscc_logs_metric_filter.example <resource ID>