Pull AWS Cloudwatch Logs directly into DuckDB
- Go 100%
| .forgejo/workflows | ||
| .gitignore | ||
| go.mod | ||
| go.sum | ||
| LICENSE.md | ||
| main.go | ||
| main_e2e_test.go | ||
| mise.toml | ||
| README.md | ||
CloudWatch to DuckDB CLI
What does it do?
Annoyed by CloudWatch, but you don't want to deal with S3 and Firehose nightmare to set up parquet export? You have come to right place my friend. This is a convenient CLI that pulls CloudWatch logs from a log group and ingests them into a DuckDB. So you can analyze them in a convenient manner. All you need is an environment with AWS credentials configured for a user or a role with read access for the log group in you want to examine.
How to run?
Extracting logs from the last 2 hours
go run main.go -lg "cw-log-group" -ls "cw-log-stream" -hrs -2h -lp "noParse"
Extracting logs from a specific time frame
go run main.go -lg "cw-log-group" -ls "cw-log-stream" -start "2026-03-14T17:00:00Z" -end "2026-03-15T03:00:00Z" -lp "noParse"