Allows running cloudwatch insight queries from within vscode. Removes the hussle of switching accounts when queries differante environments logs.
each query should looks like the following:
env;regions;log-group-name;duration[;max-results]
fields @timestamp, Level, MessageTemplate
| sort @timestamp desc
| limit 10
env: name of environment to query, should usually correspond with aws shared credentials profile that will be used to run the queryregions: the regions to run the query in (comma seperated). eg. 'us-east-1' or 'us-east-1,use-east-2' (without the quotes).log-group-name: the log group to query, you can specify multiple names with "," as seperator or using wildcards ("*")duration: the time range in duration human readable syntax, eg. 1h, 30m, 2d etc.. Its also support explicit time range with "->". For example, 2020-09-03T01:40+00:00->2020-09-03T01:50+00:00 (omit the +00 to use local time)max-results: optional, the maximum results to fatch from the server (defaults to 1000, requires the setting seperator to be ';')
Since version 0.4 the setting seperator chnaged from ':' to ';' (to support the optional 'max-results')
'#' at the beginning of the line mark the line as ignored
'#@' at the beginning of a line will set the results tab's title
just make sure your curser is somewhere inside a query and press ctrl+enter or run vscode command Execute CloudWatchlogs query
you can also highlight any part of existing query (as long as it contains the first line of args as mentions before)
click the magnifying glass button to open the log record in new page.
this will also format json values
seperate vscode container view allows you to save query files for easy access.
right click query file to open in new column
results view allows you to edit the query before refreshing the results
CloudWatchLogs client will use the env parameter as the aws shared credentials profile to use.
when no profile exists by that name, CloudWatchLogs client will fallback to AWS environment variables
CloudWatchLogs client will store the credentials in memmory until they expire and only then will try to
require new ones.
required permission for the active credentials are:
- logs:DescribeLogGroups
- logs:StartQuery
- logs:GetQueryResults
if you need to run some executable in order to prepare the share credentials profile, you can configure
authentication command in the extension setting. The authentication command will be the first step each time
the client tries to regain the credentials.
