i'm trying to simplify my config.yaml based on this tutorial
currently if i put this in my config
- type: "cloudwatch-logs"
id: "arn:aws:logs:ap-southeast-1:xxxxxxxxxx:log-group:*:*"
outputs:
- type: "elasticsearch"
args:
cloud_id: "${elastic_cloud_id}"
api_key: "${elastic_api_key}"
es_datastream_name: "logs-generic-default"
batch_max_actions: 500 # optional: default value is 500
batch_max_bytes: 10485760 # optional: default value is 10485760
the lambda is giving this error
{
"@timestamp": "2023-04-11T06:02:03.794Z",
"log.level": "warning",
"message": "no input defined",
"ecs": {
"version": "1.6.0"
},
"input_id": "",
"input_type": "cloudwatch-logs",
"log": {
"logger": "root",
"origin": {
"file": {
"line": 146,
"name": "handler.py"
},
"function": "lambda_handler"
},
"original": "no input defined"
},
"process": {
"name": "MainProcess",
"pid": 8,
"thread": {
"id": 140499231172416,
"name": "MainThread"
}
}
}
however the config below works well.
- type: "cloudwatch-logs"
id: "arn:aws:logs:ap-southeast-1:xxxxxxxxxx:log-group:myloggroup:*"
outputs:
- type: "elasticsearch"
args:
cloud_id: "${elastic_cloud_id}"
api_key: "${elastic_api_key}"
es_datastream_name: "logs-generic-default"
batch_max_actions: 500 # optional: default value is 500
batch_max_bytes: 10485760 # optional: default value is 10485760
is there anyway i can use wildcard for specifying log groups,
the outputs for each entry are all the same so i really don't see the point of repeating blocks of config for every log group ... as i have hundreds of them.