Hello
I am on terraform 1.2.2/aws provider 4.2.0
I need to create a pattern for a cloudwatch log subscription that matches
"level":"error"
Matching only error is not ok, because there is an “error_id” in every message.
I tried ““level”:“error”” (also "\“level”…) but I keep getting the error:
Error: error updating CloudWatch Log Subscription Filter (XXX): InvalidParameterException: Invalid subscription filter pattern
│
│ with aws_cloudwatch_log_subscription_filter.logfilter[0],
│ on logs.tf line 9, in resource "aws_cloudwatch_log_subscription_filter" "logfilter":
│ 9: resource "aws_cloudwatch_log_subscription_filter" "logfilter" {
│
╵
ERRO[0016] 1 error occurred:
* exit status 1
After some research I have tried to use format(), but it is not allowed in the variable definition…
sample
variable "lambda_streamer_filters" {
default = "?\"level\":\"error\" ?Starting ?Shutting"
}
resource "aws_cloudwatch_log_subscription_filter" "logfilter" {
name = "test-log-filter"
log_group_name = "test"
filter_pattern = var.lambda_streamer_filters
destination_arn = replace(data.aws_lambda_function.lambda.arn, ":$LATEST", "")
distribution = "ByLogStream"
}
Is there a way to have such pattern ? alternative is filter at the lambda function or add an extra key:val i can filter on and is not used anywhere else…
thank