LogAnomalyDetector ​
The LogAnomalyDetector resource allows you to create and manage AWS Logs LogAnomalyDetectors, which help identify unusual patterns in your CloudWatch Logs data.
Minimal Example ​
Create a basic log anomaly detector with required properties and a common optional property.
ts
import AWS from "alchemy/aws/control";
const logAnomalyDetector = await AWS.Logs.LogAnomalyDetector("myLogAnomalyDetector", {
DetectorName: "MyFirstAnomalyDetector",
FilterPattern: "{ $.statusCode = 500 }",
EvaluationFrequency: "PT5M", // Evaluate every 5 minutes
AnomalyVisibilityTime: 60 // Anomaly visible for 60 minutes
});Advanced Configuration ​
Configure a log anomaly detector with additional options, including specifying a KMS key for encryption and a list of log groups.
ts
const advancedLogAnomalyDetector = await AWS.Logs.LogAnomalyDetector("advancedLogAnomalyDetector", {
DetectorName: "AdvancedAnomalyDetector",
FilterPattern: "{ $.statusCode = 503 }",
EvaluationFrequency: "PT1H", // Evaluate every hour
AnomalyVisibilityTime: 120, // Anomaly visible for 120 minutes
KmsKeyId: "arn:aws:kms:us-west-2:123456789012:key/abcd1234-a123-456a-a12b-a123b4cd56ef",
LogGroupArnList: [
"arn:aws:logs:us-west-2:123456789012:log-group:/aws/lambda/myLambdaFunction",
"arn:aws:logs:us-west-2:123456789012:log-group:/aws/ec2/myEC2Instance"
]
});Adoption of Existing Resource ​
If you want to adopt an existing log anomaly detector instead of failing when it already exists, you can set the adopt property to true.
ts
const adoptExistingDetector = await AWS.Logs.LogAnomalyDetector("adoptExistingDetector", {
DetectorName: "ExistingAnomalyDetector",
adopt: true // Adopt existing resource if present
});