zenoyu/gist:f63799a9079a5df376d5daf3cea27be4

## gistfile1.txt
/**
 * AWS Lambda (Node) - Using Insight API to Query your Cloudwatch Log for Daily Error Report
 * @author Zeno Yu <zeno.yu@gmail.com>
 */
const AWS = require('aws-sdk');
var cloudwatchlogs = new AWS.CloudWatchLogs();

exports.handler = async (event) => {

  // Cloudwatch Log Group name
  const logGroupName = '/aws/lambda/<Name of your Log Group>';
  const timestamp = new Date();

  const params = {
    endTime: timestamp.getTime(),
    queryString: `fields @message, @timestamp
    | sort @timestamp desc
    | limit 10
    | filter @message like /(?i)("Error")/
    | stats count() by bin(1d)`, // Group by Day
    startTime: timestamp.setDate( timestamp.getDate() - 3 ), // Last 3 days
    logGroupName: logGroupName
  };

  // 1. Start the query. When we start a query, this returns a queryId for us to use on our next step.
  const data = await cloudwatchlogs.startQuery(params).promise();
  const { queryId } = data;
  console.debug('query id', queryId);

  while (true) {

    // 2. Send Insight query to CloudwatchLogs
    const insightData = await cloudwatchlogs.getQueryResults({ queryId })
        .promise();

    // 3. Check if it is available
    if (Array.isArray(insightData.results) && insightData.status === 'Complete') {
      const insightResult = insightData.results;

      // Change this line to publish to SNS or send to Slack
      console.log(JSON.stringify(insightResult, null, 4))
      break;
    }

    // 4. Otherwise, Wait for 100 ms for insight api result
    await new Promise((resolve, reject) => setTimeout(resolve, 100));
  }

  return 'ok';
}
	/**
	* AWS Lambda (Node) - Using Insight API to Query your Cloudwatch Log for Daily Error Report
	* @author Zeno Yu <zeno.yu@gmail.com>
	*/
	const AWS = require('aws-sdk');
	var cloudwatchlogs = new AWS.CloudWatchLogs();

	exports.handler = async (event) => {

	// Cloudwatch Log Group name
	const logGroupName = '/aws/lambda/<Name of your Log Group>';
	const timestamp = new Date();

	const params = {
	endTime: timestamp.getTime(),
	queryString: `fields @message, @timestamp
	\| sort @timestamp desc
	\| limit 10
	\| filter @message like /(?i)("Error")/
	\| stats count() by bin(1d)`, // Group by Day
	startTime: timestamp.setDate( timestamp.getDate() - 3 ), // Last 3 days
	logGroupName: logGroupName
	};

	// 1. Start the query. When we start a query, this returns a queryId for us to use on our next step.
	const data = await cloudwatchlogs.startQuery(params).promise();
	const { queryId } = data;
	console.debug('query id', queryId);

	while (true) {

	// 2. Send Insight query to CloudwatchLogs
	const insightData = await cloudwatchlogs.getQueryResults({ queryId })
	.promise();

	// 3. Check if it is available
	if (Array.isArray(insightData.results) && insightData.status === 'Complete') {
	const insightResult = insightData.results;

	// Change this line to publish to SNS or send to Slack
	console.log(JSON.stringify(insightResult, null, 4))
	break;
	}

	// 4. Otherwise, Wait for 100 ms for insight api result
	await new Promise((resolve, reject) => setTimeout(resolve, 100));
	}

	return 'ok';
	}