Query Archive CLI for AWS S3

The AWS Coralogix-Archive-Scanner CLI is our solution for scanning and querying your Coralogix logs that are archived in an S3 bucket, without needing to reindex the data.

You can filter your logs by Coralogix metadata fields such as application name, subsystem name, and severity, and also by querying the data itself.

Before installing the CLI, please make sure that you’ve configured your own S3 bucket on AWS to work with Coralogix, as described in this tutorial.

 

Install the AWS Coralogix-Archive-Scanner version for macOS

Download the AWS Scanner CLI:

wget https://coralogix-public.s3-eu-west-1.amazonaws.com/scanner/v0.2.1/scanner-macOS.gz


Extract the file:

gunzip scanner-macOS.gz

Mark it executable:

chmod +x scanner-macOS

 

Install the AWS Coralogix-Archive-Scanner version for Linux

Download the AWS Scanner CLI:

wget https://coralogix-public.s3-eu-west-1.amazonaws.com/scanner/v0.2.1/scanner-Linux.gz


Extract the file:

gunzip scanner-Linux.gz

Mark it executable:

chmod +x scanner-Linux
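
The install steps above make a downloaded binary executable without an integrity check. The following is an added example, not Coralogix's own script: it folds the download, gunzip and chmod steps for either OS into one function that refuses to extract unless the archive matches a pinned SHA-256. The page publishes no digest, so EXPECTED_SHA256 is a placeholder to fill in from a copy you have vetted, and the function names are hypothetical.

```shell
# Added example: pin and verify the scanner archive before extracting it.
# EXPECTED_SHA256 is a placeholder (assumption): this page publishes no digest.
BASE_URL="https://coralogix-public.s3-eu-west-1.amazonaws.com/scanner/v0.2.1"
EXPECTED_SHA256="${EXPECTED_SHA256:-REPLACE_WITH_VETTED_DIGEST}"

# Print the hex SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 on match, 1 on mismatch, 2 if the expected value is not a digest.
verify_digest() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if ! printf '%s\n' "$expected" | grep -Eq '^[0-9a-f]{64}$'; then
        echo "expected value is not a 64-digit hex SHA-256" >&2
        return 2
    fi
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ] && return 0
    echo "digest mismatch for $file: got $actual" >&2
    return 1
}

# Map the local OS to the archive names used on this page.
scanner_name() {
    case $(uname -s) in
        Darwin) echo scanner-macOS ;;
        Linux)  echo scanner-Linux ;;
        *)      return 1 ;;
    esac
}

# Download, verify the compressed archive, then extract and mark executable.
install_scanner() {
    name=$(scanner_name) || { echo "unsupported OS" >&2; return 1; }
    wget -q -O "$name.gz" "$BASE_URL/$name.gz" || return 1
    if ! verify_digest "$name.gz" "$EXPECTED_SHA256"; then
        rm -f "$name.gz"   # do not leave an unverified download behind
        return 1
    fi
    gunzip "$name.gz" && chmod +x "$name"
}

if [ "${1:-}" = "install" ]; then install_scanner; fi
```

With the placeholder left in place, verify_digest returns 2 and nothing is extracted, so the script fails closed until a real digest is supplied.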

Set your variables:

export AWS_REGION=YOUR_REGION

export AWS_ACCESS_KEY=YOUR_AWS_ACCESS_KEY

export AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY

The options available to you:

S3 bucket: --bucket [bucket name], -b [bucket name]
Time range - Start: --range-start [start time], -s [start time]
Time range - End: --range-end [end time], -e [end time]
Application: --application-name [application]
Subsystem: --subsystem [subsystem]
Severity: --severity [severity]
Limit the number of logs: -c [number]
Query: "[Your Query]"

 

Examples with multiple options

Query: ./scanner-macOS --bucket coralogix-tutorial -s "2020-08-18T16:30:00" -e "2020-08-18T17:00:00" -c 5
Explanation: Retrieve the first 5 rows within the time range

Query: ./scanner-macOS --bucket coralogix-tutorial --range-start 2020-08-18T00:01:01Z --range-end 2020-08-18T00:09:05Z -c 5 "NOT s3_bucket:amir-blog-logs"
Explanation: Retrieves the top 5 results of the query within the time range

Query: ./scanner-macOS -b coralogix-tutorial -s 2020-08-18T00:01:01Z -e 2020-08-18T16:59:05Z --application-name Prod --subsystem Coralogix --severity info
Explanation: Retrieve all the logs from Prod application and Coralogix subsystem with info severity within the time range
