Coralogix Reporter

Coralogix reporter allows you to automate the generation of a periodic report that includes the formatted results of a predefined OpenSearch Query. This report can be distributed automatically to a mailing list.

To define and set up a report go to AWS’s Serverless Application Repository and search for “Coralogix”. Click on the link to “Coralogix-Reporter”.

The application requires the following parameters:

• Verified AWS SES email/domain.
• CoralogixRegion. Region associated with your Coralogix domain
• LogsQueryKey. can be found in your Coralogix account under Data Flow > API Keys > Logs Query Key
• Query. OpenSearch query
• Sender. a list of comma-separated e-mails
• Recipient. a list of comma-separated e-mails
• RequestTimeout. The OpenSearch query timeout
• Schedule. CloudWatch rules schedule expression
• ScheduleEnable. true when the schedule is active and false when it is inactive
• Subject. report email subject line
• Template. JMESPath expression to structure the OpenSearch response

Note: Do not change the function memory size and function timeout parameters. You can adjust the query request timeout based on your needs.

Report Example

Query the account every day at 08:00 to find mapping exceptions:

OpenSearch query:

{"size":0,"query":{"bool":{"filter":[{"query_string":{"query":"_exists_:coralogix.failed_reason"}},{"range":{"coralogix.timestamp":{"gte":"now-24h","lt":"now"}}}]}},"aggs":{"exceptions":{"terms":{"field":"coralogix.failed_reason","size":20}}}}

Schedule:

cron(0 0 */8 ? * *)

Template:

aggregations.exceptions.buckets[*].{"Exception":key,"Count":doc_count}

Support

Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].