Simplify AWS CloudTrail log analysis with natural language query generation in CloudTrail Lake (preview)



Today, I am happy to announce in preview the generative artificial intelligence (generative AI)–powered natural language query generation in AWS CloudTrail Lake, which is a managed data lake for capturing, storing, accessing, and analyzing AWS CloudTrail activity logs to meet compliance, security, and operational needs. You can ask a question in natural language about these activity logs (management and data events) stored in CloudTrail Lake without needing the technical expertise to write a SQL query or spending time decoding the exact structure of activity events. For example, you might ask, “Tell me how many database instances are deleted without a snapshot”, and the feature will convert that question to a CloudTrail Lake query, which you can run as-is or modify to get the requested event information. Natural language query generation makes exploring AWS activity logs simpler.

Now, let me show you how to start using natural language query generation.

Getting started with natural language query generation
The natural language query generator uses generative AI to produce a ready-to-use SQL query from your prompt, which you can then choose to run in the query editor of CloudTrail Lake.

In the AWS CloudTrail console, I choose Query under Lake. The query generator can only generate queries for event data stores that collect CloudTrail management and data events. I choose an event data store for my CloudTrail Lake query from the dropdown list in Event data store. In the Query generator, I enter the following prompt in the Prompt field using natural language:

How many errors were logged during the past month?

Then, I choose Generate query. The following SQL query is automatically generated:

SELECT COUNT(*) AS error_count
FROM 8a6***
WHERE eventtime >= '2024-04-21 00:00:00'
    AND eventtime <= '2024-05-21 23:59:59'
    AND (
        errorcode IS NOT NULL
        OR errormessage IS NOT NULL
    )

I choose Run to see the results.

This is interesting, but I want to know more details. I want to see which services had the most errors and why these actions were erroring out. So I enter the following prompt to request more details:

How many errors were logged during the past month for each service and what was the cause of each error?

I choose Generate query, and the following SQL query is generated:

SELECT eventsource,
    errorcode,
    errormessage,
    COUNT(*) AS errorCount
FROM 8a6***
WHERE eventtime >= '2024-04-21 00:00:00'
    AND eventtime <= '2024-05-21 23:59:59'
    AND (
        errorcode IS NOT NULL
        OR errormessage IS NOT NULL
    )
GROUP BY 1,
    2,
    3
ORDER BY 4 DESC;

I choose Run to see the results.

In the results, I see that my account experiences the most errors related to Amazon S3, and the top errors are related to CORS and object level configuration. I can continue to dig deeper to see more details by asking further questions. But now let me give the natural language query generator another instruction. I enter the following prompt in the Prompt field:

What are the top 10 AWS services that I used in the past month? Include event name as well.

I choose Generate query, and the following SQL query is generated. This SQL statement retrieves the field names (eventSource, eventName, COUNT(*) AS event_count), restricts the rows to the date interval of the past month in the WHERE clause, groups the rows by eventSource and eventName, sorts them by the usage count, and limits the result to 10 rows, as I requested in natural language.

SELECT eventSource,
    eventName,
    COUNT(*) AS event_count
FROM 8a6***
WHERE eventTime >= timestamp '2024-04-21 00:00:00'
    AND eventTime <= timestamp '2024-05-21 23:59:59'
GROUP BY 1,
    2
ORDER BY 3 DESC
LIMIT 10;

Again, I choose Run to see the results.

I now have a better understanding of how many errors were logged during the past month, what service the error was for, and what caused the error. You can try asking questions in plain language and run the generated queries over your logs to see how this feature works with your data.
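
Because a generated query can be modified before it is run, here is an added example (not part of the original post and not output of the query generator): a hand-edited variant of the per-service error query that narrows the results to authorization failures and groups them by calling principal. `<event-data-store-id>` is a placeholder, and the two error-code patterns are an assumption about which codes should count as access denials.

```sql
-- Added example: hand-edited variant of the per-service error query.
-- Replace <event-data-store-id> with your own event data store ID (placeholder).
SELECT userIdentity.arn AS principal_arn,
    eventSource,
    eventName,
    errorCode,
    COUNT(*) AS denied_count,
    MIN(eventTime) AS first_seen,
    MAX(eventTime) AS last_seen
FROM <event-data-store-id>
WHERE eventTime >= timestamp '2024-04-21 00:00:00'
    AND eventTime <= timestamp '2024-05-21 23:59:59'
    AND (
        -- Assumed patterns: match AccessDenied, AccessDeniedException,
        -- and Client.UnauthorizedOperation
        errorCode LIKE '%AccessDenied%'
        OR errorCode LIKE '%UnauthorizedOperation%'
    )
GROUP BY userIdentity.arn,
    eventSource,
    eventName,
    errorCode
ORDER BY denied_count DESC
LIMIT 25;
```

A principal with a high denied_count across many distinct eventName values in a short first_seen to last_seen window is worth reviewing alongside its attached policies.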

Join the preview
Natural language query generation is available in preview in the US East (N. Virginia) Region as part of CloudTrail Lake.

You can use natural language query generation in preview for no additional cost. CloudTrail Lake query charges apply when running the query to generate results. For more information, visit AWS CloudTrail Pricing.

To learn more and get started using natural language query generation, visit the AWS CloudTrail Lake User Guide.

— Esra
