GetLogRecord
Retrieves all of the fields and values of a single log event. All fields are retrieved,
even if the original query that produced the logRecordPointer
retrieved only a
subset of fields. Fields are returned as field name/field value pairs.
The full unparsed log event is returned within @message
.
Request Syntax
{
"logRecordPointer": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- logRecordPointer
-
The pointer corresponding to the log event record you want to retrieve. You get this from the response of a
GetQueryResults
operation. In that response, the value of the@ptr
field for a log event is the value to use aslogRecordPointer
to retrieve that complete log event record.Type: String
Required: Yes
Response Syntax
{
"logRecord": {
"string" : "string"
}
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- logRecord
-
The requested log event, as a JSON string.
Type: String to string map
Errors
For information about the errors that are common to all actions, see Common Errors.
- InvalidParameterException
-
A parameter is specified incorrectly.
HTTP Status Code: 400
- LimitExceededException
-
You have reached the maximum number of resources that can be created.
HTTP Status Code: 400
- ResourceNotFoundException
-
The specified resource does not exist.
HTTP Status Code: 400
- ServiceUnavailableException
-
The service cannot complete the request.
HTTP Status Code: 500
Examples
To retrieve all fields for a specified log event
The following example retrieves the fields for a specified log event.
Sample Request
POST / HTTP/1.1
Host: logs.<region>.<domain>
X-Amz-Date: <DATE>
Authorization: AWS4-HMAC-SHA256 Credential=<Credential>, SignedHeaders=content-type;date;host;user-agent;x-amz-date;x-amz-target;x-amzn-requestid, Signature=<Signature>
User-Agent: <UserAgentString>
Accept: application/json
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Connection: Keep-Alive
X-Amz-Target: Logs_20140328.GetLogRecord
{
"logRecordPointer": "123456789"
}
Sample Response
HTTP/1.1 200 OK
x-amzn-RequestId: <RequestId>
Content-Type: application/x-amz-json-1.1
Content-Length: <PayloadSizeBytes>
Date: <Date>
{
"logRecord": {
"@timestamp" : "1536857812",
"@message" : "123456789012 eni-1234567890abcde123 6 33 ACCEPT"
"accountId" : "123456789012",
"interfaceId" : "eni-1234567890abcde123",
"protocol" : "6",
"packets" : "33",
"action" : "ACCEPT"
}
}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: