![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4&size=40){kind=avatar}
ecs-service-logs is used to filter JSON-formatted log lines in CloudWatch.
For OSX Homebrew:
brew tap trussworks/tap
brew install ecs-service-logsEasily filter JSON formatted application logs from an ECS Service or Task. This tool compiles a chain of filters into a filter pattern in the format used by CloudWatch Logs. You can filter application logs by ECS Cluster (--cluster), ECS Service (--service), and environment (--environment). When filtering logs for a stopped task, use "--status STOPPED". Trailing positional arguments are added to the query. Equality (X=Y) and inverse equality (X!=Y) are supported. Wildcards are also supported, e.g, "url!=health*".
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html.
Usage:
ecs-service-logs show [flags] [msg=XYZ] [referer=XYZ]...
Flags:
--aws-region string The AWS Region (default "us-west-2")
-c, --cluster string The cluster name
-f, --ecs-task-def-family string The ECS task definition family.
-r, --ecs-task-def-revision string The ECS task definition revision.
-e, --environment string The environment name
-b, --git-branch string The git branch
--git-commit string The git commit
-h, --help help for show
-l, --level string The log level: debug, info, warn, error, panic, fatal
-n, --limit int If 1 or above, the maximum number of log events to print to stdout. (default -1)
-p, --page-size int The page size or maximum number of log events to return during each API call. The default is 10,000 log events. (default -1)
-s, --service string The service name
--status string The task status: RUNNING, STOPPED, ALL (default "ALL")
-t, --tasks int If 1 or above, the maximum number of log streams (aka tasks) to print to stdout. (default 10)
-v, --verbose Print section linesSearch for a client IP Address.
ecs-service-logs show -s app -e staging x-forwarded-for=*1.2.3.4Search for a client IP Address in only running tasks.
ecs-service-logs show --status RUNNING -c app-staging -s app x-forwarded-for=*1.2.3.4Search for requests in a given environment, but not health checks (url is defined but does not start with /health).
ecs-service-logs show -s app -e staging url=* url!=/health*Filter by url is defined and git commit.
ecs-service-logs show -s app -e experimental url=* git_commit=asdfnh98nwuefr9a8jfFilter by url is defined and the number of headers is greater than 14.
ecs-service-logs show -s app -e experimental url=* "headers>14"Search for requests with an event type, status, and specified time range
ecs-service-logs show -s app -e experimental event_type="create_office_user" --status=ALL --start-time=2019-09-16T23:43:00Z --end-time=2019-09-16T23:43:20ZNote: event_type will follow the convention of
{ACTION}_{SINGULAR_RECORD_TYPE} where ACTION can be one of create, update, or delete
![@renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=64&v=4){kind=small}
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@kodiakhq[bot]](https://avatars.githubusercontent.com/in/29196?s=64&v=4){kind=small}
