Class: Aws::CloudWatchLogs::Types::Anomaly

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-cloudwatchlogs/types.rb

Overview

This structure represents one anomaly that has been found by a logs anomaly detector.

For more information about patterns and anomalies, see [CreateLogAnomalyDetector].

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogAnomalyDetector.html

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#activeBoolean

Specifies whether this anomaly is still ongoing.

Returns:

  • (Boolean)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#anomaly_detector_arnString

The ARN of the anomaly detector that identified this anomaly.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#anomaly_idString

The unique ID that CloudWatch Logs assigned to this anomaly.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionString

A human-readable description of the anomaly. This description is generated by CloudWatch Logs.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#first_seenInteger

The date and time when the anomaly detector first saw this anomaly. It is specified as epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

  • (Integer)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#histogramHash<String,Integer>

A map showing times when the anomaly detector ran, and the number of occurrences of this anomaly that were detected at each of those runs. The times are specified in epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

  • (Hash<String,Integer>)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#is_pattern_level_suppressionBoolean

If this anomaly is suppressed, this field is ‘true` if the suppression is because the pattern is suppressed. If `false`, then only this particular anomaly is suppressed.

Returns:

  • (Boolean)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#last_seenInteger

The date and time when the anomaly detector most recently saw this anomaly. It is specified as epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

  • (Integer)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#log_group_arn_listArray<String>

An array of ARNS of the log groups that contained log events considered to be part of this anomaly.

Returns:

  • (Array<String>)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#log_samplesArray<Types::LogEvent>

An array of sample log event messages that are considered to be part of this anomaly.

Returns:



239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_idString

The ID of the pattern used to help identify this anomaly.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_regexString

The pattern used to help identify this anomaly, in regular expression format.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_stringString

The pattern used to help identify this anomaly, in string format.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_tokensArray<Types::PatternToken>

An array of structures where each structure contains information about one token that makes up the pattern.

Returns:



239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#priorityString

The priority level of this anomaly, as determined by CloudWatch Logs. Priority is computed based on log severity labels such as ‘FATAL` and `ERROR` and the amount of deviation from the baseline. Possible values are `HIGH`, `MEDIUM`, and `LOW`.

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#stateString

Indicates the current state of this anomaly. If it is still being treated as an anomaly, the value is ‘Active`. If you have suppressed this anomaly by using the [UpdateAnomaly] operation, the value is `Suppressed`. If this behavior is now considered to be normal, the value is `Baseline`.

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html

Returns:

  • (String)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressedBoolean

Indicates whether this anomaly is currently suppressed. To suppress an anomaly, use [UpdateAnomaly].

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html

Returns:

  • (Boolean)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressed_dateInteger

If the anomaly is suppressed, this indicates when it was suppressed.

Returns:

  • (Integer)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressed_untilInteger

If the anomaly is suppressed, this indicates when the suppression will end. If this value is ‘0`, the anomaly was suppressed with no expiration, with the `INFINITE` value.

Returns:

  • (Integer)


239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 239

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end