CloudWatch AWS IoT log entries - AWS IoT Core
Message broker log entriesDevice Shadow log entriesAWS IoT Core for LoRaWAN log entriesRules engine log entriesJob log entriesDevice provisioning log entriesDynamic thing group log entriesCommon CloudWatch Logs attributes

CloudWatch AWS IoT log entries

Each component of AWS IoT generates its own log entries. Each log entry has an eventType that specifies the operation that caused the log entry to be generated. This section describes the log entries generated by the following AWS IoT components:

Message broker log entries

The AWS IoT message broker generates log entries for the following events:

Connect log entry

The AWS IoT message broker generates a log entry with an eventType of Connect when an MQTT client connects.

Connect log entry example

{
    "timestamp": "2017-08-10 15:37:23.476",
    "logLevel": "INFO",
    "traceId": "20b23f3f-d7f1-feae-169f-82263394fbdb",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "Connect",
    "protocol": "MQTT",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "sourceIp": "205.251.233.181",
    "sourcePort": 13490
}

In addition to the Common CloudWatch Logs attributes, Connect log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

sourceIp

The IP address where the request originated.

sourcePort

The port where the request originated.

Disconnect log entry

The AWS IoT message broker generates a log entry with an eventType of Disconnect when an MQTT client disconnects.

Disconnect log entry example

{
    "timestamp": "2017-08-10 15:37:23.476",
    "logLevel": "INFO",
    "traceId": "20b23f3f-d7f1-feae-169f-82263394fbdb",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "Disconnect",
    "protocol": "MQTT",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "sourceIp": "205.251.233.181",
    "sourcePort": 13490
}

In addition to the Common CloudWatch Logs attributes, Disconnect log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

sourceIp

The IP address where the request originated.

sourcePort

The port where the request originated.

Publish-In log entry

When the AWS IoT message broker receives an MQTT message, it generates a log entry with an eventType of Publish-In.

Publish-In log entry example

{
        "timestamp": "2017-08-10 15:39:30.961",
        "logLevel": "INFO",
        "traceId": "672ec480-31ce-fd8b-b5fb-22e3ac420699",
        "accountId": "123456789012",
        "status": "Success",
        "eventType": "Publish-In",
        "protocol": "MQTT",
        "topicName": "$aws/things/MyThing/shadow/get",
        "clientId": "abf27092886e49a8a5c1922749736453",
        "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
        "sourceIp": "205.251.233.181",
        "sourcePort": 13490
    }

In addition to the Common CloudWatch Logs attributes, Publish-In log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

sourceIp

The IP address where the request originated.

sourcePort

The port where the request originated.

topicName

The name of the subscribed topic.

Publish-Out log entry

When the message broker publishes an MQTT message, it generates a log entry with an eventType of Publish-Out

Publish-Out log entry example

{
    "timestamp": "2017-08-10 15:39:30.961",
    "logLevel": "INFO",
    "traceId": "672ec480-31ce-fd8b-b5fb-22e3ac420699",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "Publish-Out",
    "protocol": "MQTT",
    "topicName": "$aws/things/MyThing/shadow/get",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "sourceIp": "205.251.233.181",
    "sourcePort": 13490
}

In addition to the Common CloudWatch Logs attributes, Publish-Out log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

sourceIp

The IP address where the request originated.

sourcePort

The port where the request originated.

topicName

The name of the subscribed topic.

Subscribe log entry

The AWS IoT message broker generates a log entry with an eventType of Subscribe when an MQTT client subscribes to a topic.

Subscribe log entry example

{
    "timestamp": "2017-08-10 15:39:04.413",
    "logLevel": "INFO",
    "traceId": "7aa5c38d-1b49-3753-15dc-513ce4ab9fa6",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "Subscribe",
    "protocol": "MQTT",
    "topicName": "$aws/things/MyThing/shadow/#",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "sourceIp": "205.251.233.181",
    "sourcePort": 13490
}

In addition to the Common CloudWatch Logs attributes, Subscribe log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

sourceIp

The IP address where the request originated.

sourcePort

The port where the request originated.

topicName

The name of the subscribed topic.

Device Shadow log entries

The AWS IoT Device Shadow service generates log entries for the following events:

DeleteThingShadow log entry

The Device Shadow service generates a log entry with an eventType of DeleteThingShadow when a request to delete a device's shadow is received.

DeleteThingShadow log entry example 

{
    "timestamp": "2017-08-07 18:47:56.664",
    "logLevel": "INFO",
    "traceId": "1a60d02e-15b9-605b-7096-a9f584a6ad3f",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "DeleteThingShadow",
    "protocol": "MQTT",
    "deviceShadowName": "Jack",
    "topicName": "$aws/things/Jack/shadow/delete"
}

In addition to the Common CloudWatch Logs attributes, DeleteThingShadow log entries contain the following attributes:

deviceShadowName

The name of the shadow to update.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The name of the topic on which the request was published.

GetThingShadow log entry

The Device Shadow service generates a log entry with an eventType of GetThingShadow when a get request for a shadow is received.

GetThingShadow log entry example 

{
    "timestamp": "2017-08-09 17:56:30.941",
    "logLevel": "INFO",
    "traceId": "b575f19a-97a2-cf72-0ed0-c64a783a2504",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "GetThingShadow",
    "protocol": "MQTT",
    "deviceShadowName": "MyThing",
    "topicName": "$aws/things/MyThing/shadow/get"
}

In addition to the Common CloudWatch Logs attributes, GetThingShadow log entries contain the following attributes:

deviceShadowName

The name of the requested shadow.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The name of the topic on which the request was published.

UpdateThingShadow log entry

The Device Shadow service generates a log entry with an eventType of UpdateThingShadow when a request to update a device's shadow is received.

UpdateThingShadow log entry example 

{
    "timestamp": "2017-08-07 18:43:59.436",
    "logLevel": "INFO",
    "traceId": "d0074ba8-0c4b-a400-69df-76326d414c28",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "UpdateThingShadow",
    "protocol": "MQTT",
    "deviceShadowName": "Jack",
    "topicName": "$aws/things/Jack/shadow/update"
}

In addition to the Common CloudWatch Logs attributes, UpdateThingShadow log entries contain the following attributes:

deviceShadowName

The name of the shadow to update.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The name of the topic on which the request was published.

AWS IoT Core for LoRaWAN log entries

AWS IoT Core for LoRaWAN actions generate log entries for the following events.

Join error log entry

AWS IoT Core for LoRaWAN generates a log entry with an event value of Join when a message fails its Message Integrity Code (MIC) check.

Join error log entry example

{
    "timestamp": "2020-11-24T01:46:50.883481989Z",
    "resource": "WirelessDevice",
    "resourceId": "cb4c087c-1be5-4990-8654-ccf543ee9fff",
    "devEui": "58a0cb000020255c",
    "event": "Join",
    "logLevel": "ERROR",
    "message": "invalid MIC. It's most likely caused by wrong root keys."
}

Uplink permission error log entry

AWS IoT Core for LoRaWAN generates a log entry with an event value of Uplink when it encounters a permission error while processing a message.

Uplink permission error log entry example

{
    "resource": "WirelessDevice",
    "resourceId": "cb4c087c-1be5-4990-8654-ccf543ee9fff",
    "event": "Uplink",
    "logLevel": "ERROR",
    "message": "Cannot assume role MessageId: ef38877f-3454-4c99-96ed-5088c1cd8dee. WirelessDeviceId: cb4c087c-1be5-4990-8654-ccf543ee9fff. Context: LorawanDataPlaneUplink. reason: AccessDenied: User: arn:aws:sts::005196538709:assumed-role/DataRoutingServiceRole/6368b35fd48c445c9a14781b5d5890ed is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::400232685877:role/ExecuteRules_Role\tstatus code: 403, request id: 471c3e35-f8f3-4e94-b734-c862f63f4edb" }

Downlink error log entry

AWS IoT Core for LoRaWAN generates a log entry with an event value of Downlink when a device session is not found in an attempt to send data to a device.

Downlink error log entry example

{
    "resource": "WirelessGateway",
    "resourceId": "af5bada3-9ded-3416-9e2f-0d5fe052aeb8",
    "event": "Downlink",
    "logLevel": "ERROR",
    "message": "Downlink returns an error when delivering application message. MessageId: 5fb8754d-2640-97975399914acd58-0007. WirelessDeviceId: af5bada3-9ded-3416-9e2f-0d5fe052aeb8. Context: LorawanDataPlaneDownlink.  reason: {\"Message\":\"device session not found. deviceId=af5bada3-9ded-3416-9e2f-0d5fe052aeb8\"}"
}

Rules engine log entries

The AWS IoT rules engine generates logs for the following events:

FunctionExecution log entry

The rules engine generates a log entry with an eventType of FunctionExecution when a rule's SQL query calls an external function. An external function is called when a rule's action makes an HTTP request to AWS IoT or another web service (for example, calling get_thing_shadow or machinelearning_predict).

FunctionExecution log entry example 

{
    "timestamp": "2017-07-13 18:33:51.903",
    "logLevel": "DEBUG",
    "traceId": "180532b7-0cc7-057b-687a-5ca1824838f5",
    "status": "Success",
    "eventType": "FunctionExecution",
    "clientId": "N/A",
    "topicName":"rules/test",
    "ruleName": "ruleTestPredict",
    "ruleAction": "MachinelearningPredict",
    "resources": {
        "ModelId": "predict-model"
    },
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167"
}

In addition to the Common CloudWatch Logs attributes, FunctionExecution log entries contain the following attributes:

clientId

N/A for FunctionExecution logs.

principalId

The ID of the principal making the request.

resources

A collection of resources used by the rule's actions.

ruleName

The name of the matching rule.

topicName

The name of the subscribed topic.

RuleExecution log entry

When the AWS IoT rules engine triggers a rule's action, it generates a RuleExecution log entry.

RuleExecution log entry example

{
    "timestamp": "2017-08-10 16:32:46.070",
    "logLevel": "INFO",
    "traceId": "30aa7ccc-1d23-0b97-aa7b-76196d83537e",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "RuleExecution",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "topicName": "rules/test",
    "ruleName": "JSONLogsRule",
    "ruleAction": "RepublishAction",
    "resources": {
        "RepublishTopic": "rules/republish"
    },
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167"
}

In addition to the Common CloudWatch Logs attributes, RuleExecution log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

resources

A collection of resources used by the rule's actions.

ruleAction

The name of the action triggered.

ruleName

The name of the matching rule.

topicName

The name of the subscribed topic.

RuleMatch log entry

The AWS IoT rules engine generates a log entry with an eventType of RuleMatch when the message broker receives a message that matches a rule.

RuleMatch log entry example

{
    "timestamp": "2017-08-10 16:32:46.002",
    "logLevel": "INFO",
    "traceId": "30aa7ccc-1d23-0b97-aa7b-76196d83537e",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "RuleMatch",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "topicName": "rules/test",
    "ruleName": "JSONLogsRule",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167"
}

In addition to the Common CloudWatch Logs attributes, RuleMatch log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

ruleName

The name of the matching rule.

topicName

The name of the subscribed topic.

RuleMessageThrottled log entry

When a message is throttled, the AWS IoT rules engine generates a log entry with an eventType of RuleMessageThrottled.

RuleMessageThrottled log entry example 

{
    "timestamp": "2017-10-04 19:25:46.070",
    "logLevel": "ERROR",
    "traceId": "30aa7ccc-1d23-0b97-aa7b-76196d83537e",
    "accountId": "123456789012",
    "status": "Failure",
    "eventType": "RuleMessageThrottled",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "topicName": "$aws/rules/example_rule",
    "ruleName": "example_rule",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "reason": "RuleExecutionThrottled",
    "details": "Message for Rule example_rule throttled"
}

In addition to the Common CloudWatch Logs attributes, RuleMessageThrottled log entries contain the following attributes:

clientId

The ID of the client making the request.

details

A brief explanation of the error.

principalId

The ID of the principal making the request.

reason

The string "RuleMessageThrottled".

ruleName

The name of the rule to be triggered.

topicName

The name of the topic that was published.

RuleNotFound log entry

When the AWS IoT rules engine cannot find a rule with a given name, it generates a log entry with an eventType of RuleNotFound.

RuleNotFound log entry example 

{
    "timestamp": "2017-10-04 19:25:46.070",
    "logLevel": "ERROR",
    "traceId": "30aa7ccc-1d23-0b97-aa7b-76196d83537e",
    "accountId": "123456789012",
    "status": "Failure",
    "eventType": "RuleNotFound",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "topicName": "$aws/rules/example_rule",
    "ruleName": "example_rule",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167",
    "reason": "RuleNotFound",
    "details": "Rule example_rule not found"
}

In addition to the Common CloudWatch Logs attributes, RuleNotFound log entries contain the following attributes:

clientId

The ID of the client making the request.

details

A brief explanation of the error.

principalId

The ID of the principal making the request.

reason

The string "RuleNotFound".

ruleName

The name of the rule that could not be found.

topicName

The name of the topic that was published.

StartingRuleExecution log entry

When the AWS IoT rules engine starts to trigger a rule's action, it generates a log entry with an eventType of StartingRuleExecution.

StartingRuleExecution log entry example 

{
    "timestamp": "2017-08-10 16:32:46.002",
    "logLevel": "DEBUG",
    "traceId": "30aa7ccc-1d23-0b97-aa7b-76196d83537e",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "StartingRuleExecution",
    "clientId": "abf27092886e49a8a5c1922749736453",
    "topicName": "rules/test",
    "ruleName": "JSONLogsRule",
    "ruleAction": "RepublishAction",
    "principalId": "145179c40e2219e18a909d896a5340b74cf97a39641beec2fc3eeafc5a932167"
}

In addition to the Common CloudWatch Logs attributes, rule- log entries contain the following attributes:

clientId

The ID of the client making the request.

principalId

The ID of the principal making the request.

ruleAction

The name of the action triggered.

ruleName

The name of the matching rule.

topicName

The name of the subscribed topic.

Job log entries

The AWS IoT Job service generates log entries for the following events. Log entries are generated when an MQTT or HTTP request is received from the device.

DescribeJobExecution log entry

The AWS IoT Jobs service generates a log entry with an eventType of DescribeJobExecution when the service receives a request to describe a job execution.

DescribeJobExecution log entry example 

{
    "timestamp": "2017-08-10 19:13:22.841",
    "logLevel": "DEBUG",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "DescribeJobExecution",
    "protocol": "MQTT",
    "clientId": "thingOne",
    "jobId": "002",
    "topicName": "$aws/things/thingOne/jobs/002/get",
    "clientToken": "myToken",
    "details": "The request status is SUCCESS."
}

In addition to the Common CloudWatch Logs attributes, GetJobExecution log entries contain the following attributes:

clientId

The ID of the client making the request.

clientToken

A unique, case-sensitive identifier to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

details

Other information from the Jobs service.

jobId

The job ID for the job execution.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The topic used to make the request.

GetPendingJobExecution log entry

The AWS IoT Jobs service generates a log entry with an eventType of GetPendingJobExecution when the service receives a job execution request.

GetPendingJobExecution log entry example 

{
    "timestamp": "2018-06-13 17:45:17.197",
    "logLevel": "DEBUG",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "GetPendingJobExecution",
    "protocol": "MQTT",
    "clientId": "299966ad-54de-40b4-99d3-4fc8b52da0c5",
    "topicName": "$aws/things/299966ad-54de-40b4-99d3-4fc8b52da0c5/jobs/get",
    "clientToken": "24b9a741-15a7-44fc-bd3c-1ff2e34e5e82",
    "details": "The request status is SUCCESS."
}

In addition to the Common CloudWatch Logs attributes, GetPendingJobExecution log entries contain the following attributes:

clientId

The ID of the client making the request.

clientToken

A unique, case sensitive identifier to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

details

Other information from the Jobs service.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The name of the subscribed topic.

ReportFinalJobExecutionCount log entry

The AWS IoT Jobs service generates a log entry with an entryType of ReportFinalJobExecutionCount when a job is completed.

ReportFinalJobExecutionCount log entry example

{
    "timestamp": "2017-08-10 19:44:16.776",
    "logLevel": "INFO",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "ReportFinalJobExecutionCount",
    "jobId": "002",
    "details": "Job 002 completed. QUEUED job execution count: 0 IN_PROGRESS job execution count: 0 FAILED job execution count: 0 SUCCEEDED job execution count: 1 CANCELED job execution count: 0 REJECTED job execution count: 0 REMOVED job execution count: 0"
}

In addition to the Common CloudWatch Logs attributes, ReportFinalJobExecutionCount log entries contain the following attributes:

details

Other information from the Jobs service.

jobId

The job ID for the job execution.

StartNextPendingJobExecution log entry

When it receives a request to start the next pending job execution, the AWS IoT Jobs service generates a log entry with an eventType of StartNextPendingJobExecution.

StartNextPendingJobExecution log entry example

{
    "timestamp": "2018-06-13 17:49:51.036",
    "logLevel": "DEBUG",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "StartNextPendingJobExecution",
    "protocol": "MQTT",
    "clientId": "95c47808-b1ca-4794-bc68-a588d6d9216c",
    "topicName": "$aws/things/95c47808-b1ca-4794-bc68-a588d6d9216c/jobs/start-next",
    "clientToken": "bd7447c4-3a05-49f4-8517-dd89b2c68d94",
    "details": "The request status is SUCCESS."
}

In addition to the Common CloudWatch Logs attributes, StartNextPendingJobExecution log entries contain the following attributes:

clientId

The ID of the client making the request.

clientToken

A unique, case sensitive identifier to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

details

Other information from the Jobs service.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The topic used to make the request.

UpdateJobExecution log entry

The AWS IoT Jobs service generates a log entry with an eventType of UpdateJobExecution when the service receives a request to update a job execution.

UpdateJobExecution log entry example 

{
    "timestamp": "2017-08-10 19:25:14.758",
    "logLevel": "DEBUG",
    "accountId": "123456789012",
    "status": "Success",
    "eventType": "UpdateJobExecution",
    "protocol": "MQTT",
    "clientId": "thingOne",
    "jobId": "002",
    "topicName": "$aws/things/thingOne/jobs/002/update",
    "clientToken": "myClientToken",
    "versionNumber": "1",
    "details": "The destination status is IN_PROGRESS. The request status is SUCCESS."
}

In addition to the Common CloudWatch Logs attributes, UpdateJobExecution log entries contain the following attributes:

clientId

The ID of the client making the request.

clientToken

A unique, case sensitive identifier to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

details

Other information from the Jobs service.

jobId

The job ID for the job execution.

protocol

The protocol used when making the request. Valid values are MQTT or HTTP.

topicName

The topic used to make the request.

versionNumber

The version of the job execution.

Device provisioning log entries

The AWS IoT Device Provisioning service generates logs for the following events.

GetDeviceCredentials log entry

The AWS IoT Device Provisioning service generates a log entry with an eventType of GetDeviceCredential when a client calls GetDeviceCredential.

GetDeviceCredentials log entry example 

{
  "timestamp" : "2019-02-20 20:31:22.932",
  "logLevel" : "INFO",
  "traceId" : "8d9c016f-6cc7-441e-8909-7ee3d5563405",
  "accountId" : "123456789101",
  "status" : "Success",
  "eventType" : "GetDeviceCredentials",
  "deviceCertificateId" : "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
  "details" : "Additional details about this log."
}

In addition to the Common CloudWatch Logs attributes, GetDeviceCredentials log entries contain the following attributes:

details

A brief explanation of the error.

deviceCertificateId

The ID of the device certificate.

ProvisionDevice log entry

The AWS IoT Device Provisioning service generates a log entry with an eventType of ProvisionDevice when a client calls ProvisionDevice.

ProvisionDevice log entry example 

{
  "timestamp" : "2019-02-20 20:31:22.932",
  "logLevel" : "INFO",
  "traceId" : "8d9c016f-6cc7-441e-8909-7ee3d5563405",
  "accountId" : "123456789101",
  "status" : "Success",
  "eventType" : "ProvisionDevice",
  "provisioningTemplateName" : "myTemplate",
  "deviceCertificateId" : "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
  "details" : "Additional details about this log."
 }

In addition to the Common CloudWatch Logs attributes, ProvisionDevice log entries contain the following attributes:

details

A brief explanation of the error.

deviceCertificateId

The ID of the device certificate.

provisioningTemplateName

The name of the provisioning template.

Dynamic thing group log entries

AWS IoT Dynamic Thing Groups generate logs for the following event.

AddThingToDynamicThingGroupsFailed log entry

When AWS IoT was not able to add a thing to the specified dynamic groups, it generates a log entry with an eventType of AddThingToDynamicThingGroupsFailed. This happens when a thing met the criteria to be in the dynamic thing group; however, it could not be added to the dynamic group or it was removed from the dynamic group. This can happen because:

  • The thing already belongs to the maximum number of groups.

  • The --override-dynamic-groups option was used to add the thing to a static thing group. It was removed from a dynamic thing group to make that possible.

For more information, see Dynamic Thing Group Limitations and Conflicts.

AddThingToDynamicThingGroupsFailed log entry example

This example shows the log entry of an AddThingToDynamicThingGroupsFailed error. In this example, TestThing met the criteria to be in the dynamic thing groups listed in dynamicThingGroupNames, but could not be added to those dynamic groups, as described in reason. 

{
 "timestamp": "2020-03-16 22:24:43.804",
 "logLevel": "ERROR",
 "traceId": "70b1f2f5-d95e-f897-9dcc-31e68c3e1a30",
 "accountId": "571032923833",
 "status": "Failure",
 "eventType": "AddThingToDynamicThingGroupsFailed",
 "thingName": "TestThing",
 "dynamicThingGroupNames": [
  "DynamicThingGroup11",
  "DynamicThingGroup12",
  "DynamicThingGroup13",
  "DynamicThingGroup14"
 ],
 "reason": "The thing failed to be added to the given dynamic thing group(s) because the thing already belongs to the maximum allowed number of groups."
}

In addition to the Common CloudWatch Logs attributes, AddThingToDynamicThingGroupsFailed log entries contain the following attributes:

dynamicThingGroupNames

An array of the dynamic thing groups to which the thing could not be added.

reason

The reason why the thing could not be added to the dynamic thing groups.

thingName

The name of the thing that could not be added to a dynamic thing group.

Common CloudWatch Logs attributes

All CloudWatch Logs log entries include these attributes:

accountId

Your AWS account ID.

eventType

The event type for which the log was generated. The value of the event type depends on the event that generated the log entry. Each log entry description includes the value of eventType for that log entry.

logLevel

The log level being used. For more information, see Log levels.

status

The status of the request.

timestamp

The UNIX timestamp of when the client connected to the AWS IoT message broker.

traceId

A randomly generated identifier that can be used to correlate all logs for a specific request.