Last active
November 18, 2024 15:09
-
-
Save AMMullan/e738d3d2669357537afddebf2fbe4f2e to your computer and use it in GitHub Desktop.
CloudWatch Logs Insights Queries
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Get number of emails sent by each IAM User broken down in hourly segments | |
| stats count(*) by IAMUser, bin(1h) as period | |
| | filter EventType in ["Delivery"] | |
| | sort IAMUser desc, period desc | |
| -- Get statistics for each event type (i.e. Delivery, Bounce and Complaint) for each user | |
| fields @timestamp, EventType, IAMUser | |
| | filter EventType in ["Delivery", "Complaint", "Bounce"] | |
| | stats count() as email_count by IAMUser, EventType | |
| | sort IAMUser asc, EventType asc | |
| -- Fetch information about what addresses IAM Users are sending emails FROM, and how many. | |
| fields IAMUser, FromAddress | |
| | stats count() as email_count by IAMUser, FromAddress | |
| | sort email_count DESC | |
| | dedup IAMUser, FromAddress |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment