AWS CloudWatch Logs Insights Query to get the log count for each pod
Overview
On the EKS cluster, I am using Fluent Bit to ship logs to AWS CloudWatch. As we know, it's a bit difficult to analyze logs in CloudWatch unless you have a good knowledge of Logs Insights querying.
I had an analytics use case in which I wanted to get the log count for applications deployed on the EKS cluster.
This post is about the query that I developed to get the log count for each pod.
Details
This query can be used to get the log count for different applications. It groups log events by kubernetes.container_name and lists the noisiest containers first:
fields @timestamp, @message, kubernetes.container_name
| sort @timestamp desc
| stats count(*) as log_count by kubernetes.container_name
| sort log_count desc
It's going to look like this: