I'm trying to run a log insights query with a goal to group log by an hour. I was able to achieve this using datefloor function like this,
fields @message
| display datefloor(@timestamp, 1h)
However, I also want to extract time and not the rounded off time but the exact time. How can this be achieved in logs insights. @timestamp value looks like this 2024-08-26T06:00:00.000Z when displayed.
unfortunately aws cloudwatch logs insights does not support direct formatting to yyyy-MM-dd HH:mm:ss, one option is to handle this in a downstream system or export the logs for processing. within logs insights, you can simplify the display by using the @timestamp which you have already done. so until yyyy-MM-dd HH:mm:ss format is supported i think you need to keep on with @timestamp as is, which is in ISO 8601 format and is easily interpretable.