AWS CloudWatch Logs Insights - export full query result?
True that max is 10k
But
datetime
can be narrowed, as well as log group for AWS CloudWatch Logs Insights
This is an addition to lznt's answer, addressing the following issue:
if my query has more than 10000 records, there seems to be no way to get the complete data.
I think there is a workaround: You can mess with the time range of the query. Order the results by timestamp. You then know the timestamp of the last record that you still managed to get.
For the next query, set the time range of the query so that you start where the previous query ended.
It is admittedly an ugly, iterative workaround, with a human in the loop.
Disclaimer: I haven't tested it.
Adding
| limit 7000
to the end of the query fixed the issue
The max is 10000 according to https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html#API_StartQuery_RequestSyntax, so if my query has more than 10000 records, there seems to be no way to get the complete data.