Coralogix Reporter

Last Updated: Aug. 02, 2023

Coralogix reporter allows you to automate the generation of a periodic report that includes the formatted results of a predefined query. This report can be distributed automatically to a mailing list.

To define and set up a report go to AWS’s Serverless Application Repository and search for ‘Coralogix’. Click on the link to ‘Coralogix-Elasticsearch-Reporter’.

The application requires the following parameters:

Verified AWS SES email/domain.
CoralogixRegion – Region associated with your Coralogix domain
Enabled – `true` when the report is active and `false` when it is inactive
PrivateKey – The Send-Your-Data API key can be found in your Coralogix account under `Settings` -> `Account` -> `API Access` -> `Elasticsearch API key`
Query – Elasticsearch query
Recipient – a list of comma-separated e-mails
RequestTimeout – the Elasticsearch query timeout
Schedule – CloudWatch rules schedule expression
Subject – report email subject line
Template – JMESPath expression to structure the Elasticsearch response

Don’t change the memory size and function timeout parameters. You can adjust the query timeout based on your needs.

Report example:

Queries the account every day at 08:00 to find mapping exceptions:

Elasticsearch query:

{"size":0,"query":{"bool":{"filter":[{"query_string":{"query":"_exists_:coralogix.failed_reason"}},{"range":{"coralogix.timestamp":{"gte":"now-24h","lt":"now"}}}]}},"aggs":{"exceptions":{"terms":{"field":"coralogix.failed_reason","size":20}}}}

Schedule:

cron(0 0 */8 ? * *)

Template:

aggregations.exceptions.buckets[*].{"Exception":key,"Count":doc_count}

Download our logo in high resolution

<img width="700" height="500" src="https://coralogix.com/wp-content/uploads/2020/12/reporter.png" alt="Coralogix Reporter"> Coralogix Reporter

On this page

Coralogix Reporter