list_anomalous_log_groups

DevOpsGuru.Client.list_anomalous_log_groups(**kwargs)

Returns the list of log groups that contain log anomalies.

See also: AWS API Documentation

Request Syntax

response = client.list_anomalous_log_groups(
    InsightId='string',
    MaxResults=123,
    NextToken='string'
)
Parameters
  • InsightId (string) --

    [REQUIRED]

    The ID of the insight containing the log groups.

  • MaxResults (integer) -- The maximum number of results to return with a single call. To retrieve the remaining results, make another call with the returned nextToken value.
  • NextToken (string) -- The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
Return type

dict

Returns

Response Syntax

{
    'InsightId': 'string',
    'AnomalousLogGroups': [
        {
            'LogGroupName': 'string',
            'ImpactStartTime': datetime(2015, 1, 1),
            'ImpactEndTime': datetime(2015, 1, 1),
            'NumberOfLogLinesScanned': 123,
            'LogAnomalyShowcases': [
                {
                    'LogAnomalyClasses': [
                        {
                            'LogStreamName': 'string',
                            'LogAnomalyType': 'KEYWORD'|'KEYWORD_TOKEN'|'FORMAT'|'HTTP_CODE'|'BLOCK_FORMAT'|'NUMERICAL_POINT'|'NUMERICAL_NAN'|'NEW_FIELD_NAME',
                            'LogAnomalyToken': 'string',
                            'LogEventId': 'string',
                            'Explanation': 'string',
                            'NumberOfLogLinesOccurrences': 123,
                            'LogEventTimestamp': datetime(2015, 1, 1)
                        },
                    ]
                },
            ]
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • InsightId (string) --

      The ID of the insight containing the log groups.

    • AnomalousLogGroups (list) --

      The list of Amazon CloudWatch log groups that are related to an insight.

      • (dict) --

        An Amazon CloudWatch log group that contains log anomalies and is used to generate an insight.

        • LogGroupName (string) --

          The name of the CloudWatch log group.

        • ImpactStartTime (datetime) --

          The time the anomalous log events began. The impact start time indicates the time of the first log anomaly event that occurs.

        • ImpactEndTime (datetime) --

          The time the anomalous log events stopped.

        • NumberOfLogLinesScanned (integer) --

          The number of log lines that were scanned for anomalous log events.

        • LogAnomalyShowcases (list) --

          The log anomalies in the log group. Each log anomaly displayed represents a cluster of similar anomalous log events.

          • (dict) --

            A cluster of similar anomalous log events found within a log group.

            • LogAnomalyClasses (list) --

              A list of anomalous log events that may be related.

              • (dict) --

                Information about an anomalous log event found within a log group.

                • LogStreamName (string) --

                  The name of the Amazon CloudWatch log stream that the anomalous log event belongs to. A log stream is a sequence of log events that share the same source.

                • LogAnomalyType (string) --

                  The type of log anomaly that has been detected.

                • LogAnomalyToken (string) --

                  The token where the anomaly was detected. This may refer to an exception or another location, or it may be blank for log anomalies such as format anomalies.

                • LogEventId (string) --

                  The ID of the log event.

                • Explanation (string) --

                  The explanation for why the log event is considered an anomaly.

                • NumberOfLogLinesOccurrences (integer) --

                  The number of log lines where this anomalous log event occurs.

                • LogEventTimestamp (datetime) --

                  The time of the first occurrence of the anomalous log event.

    • NextToken (string) --

      The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.

Exceptions

  • DevOpsGuru.Client.exceptions.AccessDeniedException
  • DevOpsGuru.Client.exceptions.InternalServerException
  • DevOpsGuru.Client.exceptions.ResourceNotFoundException
  • DevOpsGuru.Client.exceptions.ThrottlingException
  • DevOpsGuru.Client.exceptions.ValidationException