Posted On: Jul 26, 2019

CloudWatch Logs Insights is an interactive log analytics service in CloudWatch that helps developers, engineers, and operators easily explore, analyze, and visualize logs when debugging applications or when troubleshooting operational problems. Users can get answers in seconds from system and application logs using a log query language, whether they are searching for specific errors across millions of log events, summarizing values across log events to better understand a system or application, or visualizing log data as time series to better understand behavior over time.

Today, CloudWatch Logs Insights is introducing cross-log group querying, allowing users to execute a log query across multiple log groups within the same account. Users can now obtain answers from multiple logs in a single query or search, without having to run a query multiple times or without having to combine multiple log groups in a single one, in turn helping them more rapidly detect or resolve operational issues.

Cross-log group querying is useful in many application architectures that depend on multiple log groups for their logging, including traditional multi-tier applications, containerized environments, or serverless applications. For example, users can now detect a spike in errors or exceptions across multiple Amazon Lambda functions, or they can find log events related to a specific customer or account id across log groups from different containers. With the ability to run queries across multiple log groups at once, users can now see multiple log groups as if they were one, without having to centralize large volumes of logs in a single log group.

To begin querying your logs, simply go to the CloudWatch Logs Insights Console, select your log groups, and enter your query. Cross-log group querying is available via the CloudWatch Logs Insights Console, API and SDK.

To learn more about the query language of CloudWatch Logs Insights, please visit the documentation.