revamp cloudwatch logs

Author: HarshCasper

src/content/docs/aws/services/cloudwatchlogs.md

@@ -1,11 +1,12 @@
 ---
 title: "CloudWatch Logs"
-linkTitle: "CloudWatch Logs"
 description: Get started with AWS CloudWatch Logs on LocalStack
 tags: ["Free"]
 persistence: supported
 ---
 
+## Introduction
+
 [CloudWatch Logs](https://docs.aws.amazon.com/cloudwatch/index.html) allows to store and retrieve logs.
 While some services automatically create and write logs (e.g. Lambda), logs can also be added manually.
 CloudWatch Logs is available in the Community version.
@@ -23,37 +24,40 @@ In the following we setup a little example on how to use subscription filters wi
 First, we setup the required resources.
 Therefore, we create a kinesis stream, a log group and log stream.
 Then we can configure the subscription filter.
-{{< command >}}
-$ awslocal kinesis create-stream --stream-name "logtest" --shard-count 1
-$ kinesis_arn=$(awslocal kinesis describe-stream --stream-name "logtest" | jq -r .StreamDescription.StreamARN)
-$ awslocal logs create-log-group --log-group-name test
+```bash
+awslocal kinesis create-stream --stream-name "logtest" --shard-count 1
+kinesis_arn=$(awslocal kinesis describe-stream --stream-name "logtest" | jq -r .StreamDescription.StreamARN)
+
+awslocal logs create-log-group --log-group-name test
 
-$ awslocal logs create-log-stream \
- --log-group-name test \
- --log-stream-name test
+awslocal logs create-log-stream \
+    --log-group-name test \
+    --log-stream-name test
 
-$ awslocal logs put-subscription-filter \
+awslocal logs put-subscription-filter \
     --log-group-name "test" \
     --filter-name "kinesis_test" \
     --filter-pattern "" \
     --destination-arn $kinesis_arn \
     --role-arn "arn:aws:iam::000000000000:role/kinesis_role"
-{{< / command >}}
+```
+
+Next, we can add a log event, that will be forwarded to Kinesis.
 
-Next, we can add a log event, that will be forwarded to kinesis.
-{{< command >}}
-$ timestamp=$(($(date +'%s * 1000 + %-N / 1000000')))
-$ awslocal logs put-log-events --log-group-name test --log-stream-name test --log-events "[{\"timestamp\": ${timestamp} , \"message\": \"hello from cloudwatch\"}]"
-{{< / command >}}
+```bash
+timestamp=$(($(date +'%s * 1000 + %-N / 1000000')))
+awslocal logs put-log-events --log-group-name test --log-stream-name test --log-events "[{\"timestamp\": ${timestamp} , \"message\": \"hello from cloudwatch\"}]"
+```
 
 Now we can retrieve the data.
 In our example, there will only be one record.
 The data record is base64 encoded and compressed in gzip format:
-{{< command >}}
-$ shard_iterator=$(awslocal kinesis get-shard-iterator --stream-name logtest --shard-id shardId-000000000000 --shard-iterator-type TRIM_HORIZON | jq -r .ShardIterator)
-$ record=$(awslocal kinesis get-records --limit 10 --shard-iterator $shard_iterator | jq -r '.Records[0].Data')
-$ echo $record | base64 -d | zcat
-{{< / command >}}
+
+```bash
+shard_iterator=$(awslocal kinesis get-shard-iterator --stream-name logtest --shard-id shardId-000000000000 --shard-iterator-type TRIM_HORIZON | jq -r .ShardIterator)
+record=$(awslocal kinesis get-records --limit 10 --shard-iterator $shard_iterator | jq -r '.Records[0].Data')
+echo $record | base64 -d | zcat
+```
 
 ## Filter Pattern (Pro only)
 
@@ -66,39 +70,42 @@ LocalStack currently supports simple json-property filter.
 Metric filters can be used to automatically create CloudWatch metrics.
 
 In the following example we are interested in logs that include a key-value pair `"foo": "bar"` and create a metric filter.
-{{< command >}}
-$ awslocal logs create-log-group --log-group-name test-filter
 
-$ awslocal logs create-log-stream \
- --log-group-name test-filter \
- --log-stream-name test-filter-stream
+```bash
+awslocal logs create-log-group --log-group-name test-filter
+
+awslocal logs create-log-stream \
+--log-group-name test-filter \
+--log-stream-name test-filter-stream
 
-$ awslocal logs put-metric-filter \
+awslocal logs put-metric-filter \
   --log-group-name test-filter \
   --filter-name my-filter \
   --filter-pattern "{$.foo = \"bar\"}" \
   --metric-transformations \
   metricName=MyMetric,metricNamespace=MyNamespace,metricValue=1,defaultValue=0
-{{< / command >}}
+```
 
 Next, we can insert some values:
-{{< command >}}
-$ timestamp=$(($(date +'%s * 1000 + %-N / 1000000')))
-$ awslocal logs put-log-events --log-group-name test-filter \
+
+```bash
+timestamp=$(($(date +'%s * 1000 + %-N / 1000000')))
+awslocal logs put-log-events --log-group-name test-filter \
    --log-stream-name test-filter-stream \
    --log-events \
     timestamp=$timestamp,message='"{\"foo\":\"bar\", \"hello\": \"world\"}"' \
     timestamp=$timestamp,message="my test event" \
     timestamp=$timestamp,message='"{\"foo\":\"nomatch\"}"'
-{{< / command >}}
+```
 
 Now we can check that the metric was indeed created:
-{{< command >}}
+
+```bash
 end=$(date +%s)
 awslocal cloudwatch get-metric-statistics --namespace MyNamespace \
     --metric-name MyMetric --statistics Sum  --period 3600 \
     --start-time 1659621274 --end-time $end
-{{< / command >}}
+```
 
 ### Filter Log Events
 
@@ -108,37 +115,39 @@ Similarly, you can use filter-pattern to filter logs with different kinds of pat
 
 For purely JSON structured log messages, you can use JSON filter patterns to traverse the JSON object.
 Enclose your pattern in curly braces, like this:
-{{< command >}}
-$ awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "{$.foo = \"bar\"}"
-{{< / command >}}
+
+```bash
+awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "{$.foo = \"bar\"}"
+```
 
 This returns all events whose top level "foo" key has the "bar" value.
 
 #### Regular Expression Filter Pattern
 
 You can use a simplified regex syntax for regular expression matching.
 Enclose your pattern in percentage signs like this:
-{{< command >}}
-$ awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "\%[fF]oo\%"
-{{< / command >}}
+
+```bash
+awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "\%[fF]oo\%"
+```
+
 This returns all events containing "Foo" or "foo".
 For a complete set of the supported syntax, check [the official AWS documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html#regex-expressions)
 
 #### Unstructured Filter Pattern
 
 If not specified otherwise in the pattern, we look for a match in the whole event message:
-{{< command >}}
-$ awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "foo"
-{{< / command >}}
+
+```bash
+awslocal logs filter-log-events --log-group-name test-filter --filter-pattern "foo"
+```
 
 ## Resource Browser
 
 The LocalStack Web Application provides a Resource Browser for exploring CloudWatch Logs.
 You can access the Resource Browser by opening the LocalStack Web Application in your browser, navigating to the **Resources** section, and then clicking on **CloudWatch Logs** under the **Management/Governance** section.
 
-<img src="logs-resource-browser.png" alt="CloudWatch Logs Resource Browser" title="CloudWatch Logs Resource Browser" width="900" />
-<br>
-<br>
+![CloudWatch Logs Resource Browser](/images/aws/logs-resource-browser.png)
 
 The Resource Browser allows you to perform the following actions: