Skip to content

Coralogix Reporter

Coralogix reporter allows you to automate the generation of a periodic report that includes the formatted results of a predefined OpenSearch Query. This report can be distributed automatically to a mailing list.

To define and set up a report go to AWS’s Serverless Application Repository and search for "Coralogix". Click on the link to "Coralogix-Reporter".

The application requires the following parameters:

  • Verified AWS SES email/domain.

  • CoralogixRegion. Region associated with your Coralogix domain

  • You need to create a personal or team API key. It’s recommended to use permission presets, as they are automatically updated with all relevant permissions. Alternatively, you can manually add individual permissions.

Preset Action Description
DataQuerying LEGACY-ARCHIVE-QUERIES:EXECUTE
LOGS.DATA-API#HIGH:READDATA
LOGS.DATA-API#LOW:READDATA
METRICS.DATA-API#HIGH:READDATA
SPANS.DATA-API#HIGH:READDATA
SPANS.DATA-API#LOW:READDATA
Query Data from the Archive
Query Frequent Search Logs
Query Monitoring & Compliance Logs
Query Metrics
Query Frequent Search Spans
Query Monitoring & Compliance Spans
  • Query. OpenSearch query

  • Sender. a list of comma-separated e-mails

  • Recipient. a list of comma-separated e-mails

  • RequestTimeout. The OpenSearch query timeout

  • Schedule. CloudWatch rules schedule expression

  • ScheduleEnable. true when the schedule is active and false when it is inactive

  • Subject. report email subject line

  • Template. JMESPath expression to structure the OpenSearch response

Note: Do not change the function memory size and function timeout parameters. You can adjust the query request timeout based on your needs.

Report Example

Query the account every day at 08:00 to find mapping exceptions:

OpenSearch query:

{"size":0,"query":{"bool":{"filter":[{"query_string":{"query":"_exists_:coralogix.failed_reason"}},{"range":{"coralogix.timestamp":{"gte":"now-24h","lt":"now"}}}]}},"aggs":{"exceptions":{"terms":{"field":"coralogix.failed_reason","size":20}}}}

Schedule:

cron(0 0 */8 ? * *)

Template:

aggregations.exceptions.buckets[*].{"Exception":key,"Count":doc_count}

Support

Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].