Class: Aws::CloudWatchLogs::Types::Anomaly

Inherits:

Struct

• Object
• Struct
• Aws::CloudWatchLogs::Types::Anomaly

Includes:

Structure

Defined in:

lib/aws-sdk-cloudwatchlogs/types.rb

Overview

This structure represents one anomaly that has been found by a logs anomaly detector.

For more information about patterns and anomalies, see [CreateLogAnomalyDetector].

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogAnomalyDetector.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #active ⇒ Boolean

  Specifies whether this anomaly is still ongoing.

• #anomaly_detector_arn ⇒ String

  The ARN of the anomaly detector that identified this anomaly.

• #anomaly_id ⇒ String

  The unique ID that CloudWatch Logs assigned to this anomaly.

• #description ⇒ String

  A human-readable description of the anomaly.

• #first_seen ⇒ Integer

  The date and time when the anomaly detector first saw this anomaly.

• #histogram ⇒ Hash<String,Integer>

  A map showing times when the anomaly detector ran, and the number of occurrences of this anomaly that were detected at each of those runs.

• #is_pattern_level_suppression ⇒ Boolean

  If this anomaly is suppressed, this field is ‘true` if the suppression is because the pattern is suppressed.

• #last_seen ⇒ Integer

  The date and time when the anomaly detector most recently saw this anomaly.

• #log_group_arn_list ⇒ Array<String>

  An array of ARNS of the log groups that contained log events considered to be part of this anomaly.

• #log_samples ⇒ Array<Types::LogEvent>

  An array of sample log event messages that are considered to be part of this anomaly.

• #pattern_id ⇒ String

  The ID of the pattern used to help identify this anomaly.

• #pattern_regex ⇒ String

  The pattern used to help identify this anomaly, in regular expression format.

• #pattern_string ⇒ String

  The pattern used to help identify this anomaly, in string format.

• #pattern_tokens ⇒ Array<Types::PatternToken>

  An array of structures where each structure contains information about one token that makes up the pattern.

• #priority ⇒ String

  The priority level of this anomaly, as determined by CloudWatch Logs.

• #state ⇒ String

  Indicates the current state of this anomaly.

• #suppressed ⇒ Boolean

  Indicates whether this anomaly is currently suppressed.

• #suppressed_date ⇒ Integer

  If the anomaly is suppressed, this indicates when it was suppressed.

• #suppressed_until ⇒ Integer

  If the anomaly is suppressed, this indicates when the suppression will end.

Instance Attribute Details

#active ⇒ Boolean

Specifies whether this anomaly is still ongoing.

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#anomaly_detector_arn ⇒ String

The ARN of the anomaly detector that identified this anomaly.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#anomaly_id ⇒ String

The unique ID that CloudWatch Logs assigned to this anomaly.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#description ⇒ String

A human-readable description of the anomaly. This description is generated by CloudWatch Logs.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#first_seen ⇒ Integer

The date and time when the anomaly detector first saw this anomaly. It is specified as epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#histogram ⇒ Hash<String,Integer>

A map showing times when the anomaly detector ran, and the number of occurrences of this anomaly that were detected at each of those runs. The times are specified in epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

• (Hash<String,Integer>)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#is_pattern_level_suppression ⇒ Boolean

If this anomaly is suppressed, this field is ‘true` if the suppression is because the pattern is suppressed. If `false`, then only this particular anomaly is suppressed.

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#last_seen ⇒ Integer

The date and time when the anomaly detector most recently saw this anomaly. It is specified as epoch time, which is the number of seconds since ‘January 1, 1970, 00:00:00 UTC`.

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#log_group_arn_list ⇒ Array<String>

An array of ARNS of the log groups that contained log events considered to be part of this anomaly.

Returns:

• (Array<String>)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#log_samples ⇒ Array<Types::LogEvent>

An array of sample log event messages that are considered to be part of this anomaly.

Returns:

• (Array<Types::LogEvent>)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_id ⇒ String

The ID of the pattern used to help identify this anomaly.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_regex ⇒ String

The pattern used to help identify this anomaly, in regular expression format.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_string ⇒ String

The pattern used to help identify this anomaly, in string format.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#pattern_tokens ⇒ Array<Types::PatternToken>

An array of structures where each structure contains information about one token that makes up the pattern.

Returns:

• (Array<Types::PatternToken>)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#priority ⇒ String

The priority level of this anomaly, as determined by CloudWatch Logs. Priority is computed based on log severity labels such as ‘FATAL` and `ERROR` and the amount of deviation from the baseline. Possible values are `HIGH`, `MEDIUM`, and `LOW`.

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#state ⇒ String

Indicates the current state of this anomaly. If it is still being treated as an anomaly, the value is ‘Active`. If you have suppressed this anomaly by using the [UpdateAnomaly] operation, the value is `Suppressed`. If this behavior is now considered to be normal, the value is `Baseline`.

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressed ⇒ Boolean

Indicates whether this anomaly is currently suppressed. To suppress an anomaly, use [UpdateAnomaly].

[1]: docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressed_date ⇒ Integer

If the anomaly is suppressed, this indicates when it was suppressed.

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end

#suppressed_until ⇒ Integer

If the anomaly is suppressed, this indicates when the suppression will end. If this value is ‘0`, the anomaly was suppressed with no expiration, with the `INFINITE` value.

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudwatchlogs/types.rb', line 188

class Anomaly < Struct.new(
  :anomaly_id,
  :pattern_id,
  :anomaly_detector_arn,
  :pattern_string,
  :pattern_regex,
  :priority,
  :first_seen,
  :last_seen,
  :description,
  :active,
  :state,
  :histogram,
  :log_samples,
  :pattern_tokens,
  :log_group_arn_list,
  :suppressed,
  :suppressed_date,
  :suppressed_until,
  :is_pattern_level_suppression)
  SENSITIVE = []
  include Aws::Structure
end