AWS::Logs::ScheduledQuery

Creates a scheduled query that runs CloudWatch Logs Insights queries at regular intervals. Scheduled queries enable proactive monitoring by automatically executing queries to detect patterns and anomalies in your log data. Query results can be delivered to Amazon S3 for analysis or further processing.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Logs::ScheduledQuery",
  "Properties" : {
      "Description" : String,
      "DestinationConfiguration" : DestinationConfiguration,
      "ExecutionRoleArn" : String,
      "LogGroupIdentifiers" : [ String, ... ],
      "Name" : String,
      "QueryLanguage" : String,
      "QueryString" : String,
      "ScheduleEndTime" : Number,
      "ScheduleExpression" : String,
      "ScheduleStartTime" : Number,
      "StartTimeOffset" : Integer,
      "State" : String,
      "Tags" : [ TagsItems, ... ],
      "Timezone" : String
    }
}

YAML


Type: AWS::Logs::ScheduledQuery
Properties:
  Description: String
  DestinationConfiguration: 
    DestinationConfiguration
  ExecutionRoleArn: String
  LogGroupIdentifiers: 
    - String
  Name: String
  QueryLanguage: String
  QueryString: 
    String
  ScheduleEndTime: Number
  ScheduleExpression: String
  ScheduleStartTime: Number
  StartTimeOffset: Integer
  State: String
  Tags: 
    - TagsItems
  Timezone: String

Properties

Description

Property description not available.

Required: No

Type: String

Maximum: 1024

Update requires: No interruption

DestinationConfiguration

Configuration for where query results are delivered.

Required: No

Type: DestinationConfiguration

Update requires: No interruption

ExecutionRoleArn

Property description not available.

Required: Yes

Type: String

Update requires: No interruption

LogGroupIdentifiers

Property description not available.

Required: No

Type: Array of String

Minimum: 1

Maximum: 50

Update requires: No interruption

Name

The name of the scheduled query.

Required: Yes

Type: String

Pattern: ^[a-zA-Z0-9_\-/.#]+$

Minimum: 1

Maximum: 255

Update requires: Replacement

QueryLanguage

Property description not available.

Required: Yes

Type: String

Update requires: No interruption

QueryString

Property description not available.

Required: Yes

Type: String

Minimum: 0

Maximum: 10000

Update requires: No interruption

ScheduleEndTime

Property description not available.

Required: No

Type: Number

Update requires: No interruption

ScheduleExpression

The cron expression that defines when the scheduled query runs.

Required: Yes

Type: String

Maximum: 256

Update requires: No interruption

ScheduleStartTime

Property description not available.

Required: No

Type: Number

Update requires: No interruption

StartTimeOffset

Property description not available.

Required: No

Type: Integer

Update requires: No interruption

State

The current state of the scheduled query.

Required: No

Type: String

Allowed values: ENABLED | DISABLED

Update requires: No interruption

Tags

Property description not available.

Required: No

Type: Array of TagsItems

Update requires: No interruption

Timezone

The timezone used for evaluating the schedule expression.

Required: No

Type: String

Minimum: 1

Update requires: No interruption

Return values

Ref

Fn::GetAtt

CreationTime: The timestamp when the scheduled query was created.
LastExecutionStatus: The status of the most recent execution.
LastTriggeredTime: The timestamp when the scheduled query was last executed.
LastUpdatedTime: The timestamp when the scheduled query was last updated.
ScheduledQueryArn: The ARN of the scheduled query.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

AWS::Logs::ResourcePolicy

DestinationConfiguration