Package-level declarations

You can use Amazon CloudWatch Logs to monitor, store, and access your log files from EC2 instances, CloudTrail, and other sources. You can then retrieve the associated log data from CloudWatch Logs using the CloudWatch console. Alternatively, you can use CloudWatch Logs commands in the Amazon Web Services CLI, CloudWatch Logs API, or CloudWatch Logs SDK.

Associates the specified KMS key with either one log group in the account, or with all stored CloudWatch Logs query insights results in the account.

Cancels the specified export task.

Creates a delivery. A delivery is a connection between a logical delivery source and a logical delivery destination that you have already created.

Creates an export task so that you can efficiently export data from a log group to an Amazon S3 bucket. When you perform a CreateExportTask operation, you must use credentials that have permission to write to the S3 bucket that you specify as the destination.

Creates an anomaly detector that regularly scans one or more log groups and look for patterns and anomalies in the logs.

Creates a log group with the specified name. You can create up to 1,000,000 log groups per Region per account.

Creates a log stream for the specified log group. A log stream is a sequence of log events that originate from a single source, such as an application instance or a resource that is being monitored.

Deletes a CloudWatch Logs account policy. This stops the policy from applying to all log groups or a subset of log groups in the account. Log-group level policies will still be in effect.

Deletes the data protection policy from the specified log group.

Deletes s delivery. A delivery is a connection between a logical delivery source and a logical delivery destination. Deleting a delivery only deletes the connection between the delivery source and delivery destination. It does not delete the delivery destination or the delivery source.

Deletes a delivery destination. A delivery is a connection between a logical delivery source and a logical delivery destination.

Deletes a delivery destination policy. For more information about these policies, see PutDeliveryDestinationPolicy.

Deletes a delivery source. A delivery is a connection between a logical delivery source and a logical delivery destination.

Deletes the specified destination, and eventually disables all the subscription filters that publish to it. This operation does not delete the physical resource encapsulated by the destination.

Deletes the specified CloudWatch Logs anomaly detector.

Deletes the specified log group and permanently deletes all the archived log events associated with the log group.

Deletes the specified log stream and permanently deletes all the archived log events associated with the log stream.

Deletes the specified metric filter.

Deletes a saved CloudWatch Logs Insights query definition. A query definition contains details about a saved CloudWatch Logs Insights query.

Deletes a resource policy from this account. This revokes the access of the identities in that policy to put log events to this account.

Deletes the specified retention policy.

Deletes the specified subscription filter.

Returns a list of all CloudWatch Logs account policies in the account.

Retrieves a list of the deliveries that have been created in the account.

Retrieves a list of the delivery destinations that have been created in the account.

Retrieves a list of the delivery sources that have been created in the account.

Lists all your destinations. The results are ASCII-sorted by destination name.

Lists the specified export tasks. You can list all your export tasks or filter the results based on task ID or task status.

Lists the specified log groups. You can list all your log groups or filter the results by prefix. The results are ASCII-sorted by log group name.

Lists the log streams for the specified log group. You can list all the log streams or filter the results by prefix. You can also control how the results are ordered.

Lists the specified metric filters. You can list all of the metric filters or filter the results by log name, prefix, metric name, or metric namespace. The results are ASCII-sorted by filter name.

Returns a list of CloudWatch Logs Insights queries that are scheduled, running, or have been run recently in this account. You can request all queries or limit it to queries of a specific log group or queries with a certain status.

This operation returns a paginated list of your saved CloudWatch Logs Insights query definitions. You can retrieve query definitions from the current account or from a source account that is linked to the current account.

Lists the resource policies in this account.

Lists the subscription filters for the specified log group. You can list all the subscription filters or filter the results by prefix. The results are ASCII-sorted by filter name.

Disassociates the specified KMS key from the specified log group or from all CloudWatch Logs Insights query results in the account.

Lists log events from the specified log group. You can list all the log events or filter the results using a filter pattern, a time range, and the name of the log stream.

Returns information about a log group data protection policy.

Returns complete information about one logical delivery. A delivery is a connection between a delivery source and a delivery destination.

Retrieves complete information about one delivery destination.

Retrieves the delivery destination policy assigned to the delivery destination that you specify. For more information about delivery destinations and their policies, see PutDeliveryDestinationPolicy.

Retrieves complete information about one delivery source.

Retrieves information about the log anomaly detector that you specify.

Lists log events from the specified log stream. You can list all of the log events or filter using a time range.

Returns a list of the fields that are included in log events in the specified log group. Includes the percentage of log events that contain each field. The search is limited to a time period that you specify.

Retrieves all of the fields and values of a single log event. All fields are retrieved, even if the original query that produced the logRecordPointer retrieved only a subset of fields. Fields are returned as field name/field value pairs.

Returns the results from the specified query.

Returns a list of anomalies that log anomaly detectors have found. For details about the structure format of each anomaly object that is returned, see the example in this section.

Retrieves a list of the log anomaly detectors in the account.

Displays the tags associated with a CloudWatch Logs resource. Currently, log groups and destinations support tagging.

The ListTagsLogGroup operation is on the path to deprecation. We recommend that you use ListTagsForResource instead.

Creates an account-level data protection policy or subscription filter policy that applies to all log groups or a subset of log groups in the account.

Creates a data protection policy for the specified log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data.

Creates or updates a logical delivery destination. A delivery destination is an Amazon Web Services resource that represents an Amazon Web Services service that logs can be sent to. CloudWatch Logs, Amazon S3, and Kinesis Data Firehose are supported as logs delivery destinations.

Creates and assigns an IAM policy that grants permissions to CloudWatch Logs to deliver logs cross-account to a specified destination in this account. To configure the delivery of logs from an Amazon Web Services service in another account to a logs delivery destination in the current account, you must do the following:

Creates or updates a logical delivery source. A delivery source represents an Amazon Web Services resource that sends logs to an logs delivery destination. The destination can be CloudWatch Logs, Amazon S3, or Kinesis Data Firehose.

Creates or updates a destination. This operation is used only to create destinations for cross-account subscriptions.

Creates or updates an access policy associated with an existing destination. An access policy is an IAM policy document that is used to authorize claims to register a subscription filter against a given destination.

Uploads a batch of log events to the specified log stream.

Creates or updates a metric filter and associates it with the specified log group. With metric filters, you can configure rules to extract metric data from log events ingested through PutLogEvents.

Creates or updates a query definition for CloudWatch Logs Insights. For more information, see Analyzing Log Data with CloudWatch Logs Insights.

Creates or updates a resource policy allowing other Amazon Web Services services to put log events to this account, such as Amazon Route 53. An account can have up to 10 resource policies per Amazon Web Services Region.

Sets the retention of the specified log group. With a retention policy, you can configure the number of days for which to retain log events in the specified log group.

Creates or updates a subscription filter and associates it with the specified log group. With subscription filters, you can subscribe to a real-time stream of log events ingested through PutLogEvents and have them delivered to a specific destination. When log events are sent to the receiving service, they are Base64 encoded and compressed with the GZIP format.

Schedules a query of a log group using CloudWatch Logs Insights. You specify the log group and time range to query and the query string to use.

Stops a CloudWatch Logs Insights query that is in progress. If the query has already ended, the operation returns an error indicating that the specified query is not running.

The TagLogGroup operation is on the path to deprecation. We recommend that you use TagResource instead.

Assigns one or more tags (key-value pairs) to the specified CloudWatch Logs resource. Currently, the only CloudWatch Logs resources that can be tagged are log groups and destinations.

Tests the filter pattern of a metric filter against a sample of log event messages. You can use this operation to validate the correctness of a metric filter pattern.

The UntagLogGroup operation is on the path to deprecation. We recommend that you use UntagResource instead.

Removes one or more tags from the specified resource.

Use this operation to suppress anomaly detection for a specified anomaly or pattern. If you suppress an anomaly, CloudWatch Logs won’t report new occurrences of that anomaly and won't update that anomaly with new data. If you suppress a pattern, CloudWatch Logs won’t report any anomalies related to that pattern.

Updates an existing log anomaly detector.

Create a copy of the client with one or more configuration values overridden. This method allows the caller to perform scoped config overrides for one or more client operations.