> ## Documentation Index
> Fetch the complete documentation index at: https://www.ravion.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Query CloudWatch Logs Insights histogram

> Compute the full-window per-level histogram for the same scope/window/filter as the row query. Separate from the row endpoint so it can be cached on a longer cadence (it scans the whole window) and so rows aren't blocked on the aggregation.



## OpenAPI

````yaml https://api.ravion.com/openapi.yaml post /aws/cloudwatch/logs-insights/histogram
openapi: 3.0.0
info:
  title: Ravion
  version: 0.0.0
servers:
  - url: https://api.ravion.com
security:
  - BearerAuth: []
tags:
  - name: Projects
  - name: Environments
  - name: Pipelines
  - name: PipelineRuns
  - name: TerraformResources
  - name: TerraformExecutionSummaries
  - name: PipelineStepExecutions
  - name: AwsCloudWatch
  - name: PipelineVersions
  - name: Organizations
  - name: Stacks
  - name: StackWorkspaces
  - name: Auth
  - name: OAuth
  - name: User
  - name: Health
  - name: Memberships
  - name: ServiceAccounts
  - name: AwsDefaultNetworks
  - name: AwsAccounts
  - name: ApiKeys
  - name: ExecutionEnvironments
  - name: ModuleDefinitions
  - name: ModuleVersions
  - name: ModuleInstances
  - name: DefaultValueDefinitions
  - name: DefaultValues
  - name: CodeSources
  - name: Github
  - name: Gitlab
  - name: Git
  - name: Values
  - name: Deployments
  - name: DeploymentResources
  - name: InfrastructureEvents
  - name: WebSocket
  - name: Describe
paths:
  /aws/cloudwatch/logs-insights/histogram:
    post:
      tags:
        - AwsCloudWatch
      summary: Query CloudWatch Logs Insights histogram
      description: >-
        Compute the full-window per-level histogram for the same
        scope/window/filter as the row query. Separate from the row endpoint so
        it can be cached on a longer cadence (it scans the whole window) and so
        rows aren't blocked on the aggregation.
      operationId: GetCloudWatchLogsInsightsHistogram
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/CloudWatchLogsHistogramRequest'
        required: true
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CloudWatchLogsHistogramResponse'
          description: The request has succeeded.
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: The request is invalid or malformed.
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: The server cannot find the requested resource.
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: Client error
        '500':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Errors.UserFacingErrorData'
          description: Server error
components:
  schemas:
    CloudWatchLogsHistogramRequest:
      additionalProperties: false
      description: >-
        Request body for the full-window histogram. Same scope + window + filter
        as the row query; no paging or row limit (the aggregation counts the
        whole window).
      properties:
        endTime:
          description: Inclusive end of the query window (ISO 8601)
          type: string
        environmentId:
          description: >-
            Environment whose module-instance ui.logs sources are queried.
            Optional when `moduleInstanceIds`/`logSourceKeys` name the sources.
          nullable: true
          type: string
        filter:
          allOf:
            - $ref: '#/components/schemas/CloudWatchLogFilter'
          description: >-
            Structured filter applied to the matched sources, the same as the
            row query. The returned histogram reflects the filtered volume.
        logSourceKeys:
          description: >-
            Restrict to these individual ui.logs sources by composite
            `<moduleInstanceId>::<logSourceId>` key.
          items:
            type: string
          nullable: true
          type: array
        moduleInstanceIds:
          description: >-
            Restrict to these module instance ids (see the row request for
            semantics).
          items:
            type: string
          nullable: true
          type: array
        periodSeconds:
          description: >-
            Bucket period in seconds. Omit to choose one automatically from the
            time window. Clamped to 1–86400.
          format: int32
          nullable: true
          type: integer
        startTime:
          description: Inclusive start of the query window (ISO 8601)
          type: string
      required:
        - startTime
        - endTime
      type: object
    CloudWatchLogsHistogramResponse:
      additionalProperties: false
      description: >-
        Response payload for the full-window per-level histogram (a separate
        endpoint from rows so it can be cached longer and so rows render without
        waiting for the aggregation).
      properties:
        histogram:
          description: >-
            Contiguous per-level histogram buckets across the FULL query window.
            Computed by a count aggregation, so the counts reflect every
            matching event in the window and are never truncated by the row
            limit.
          items:
            $ref: '#/components/schemas/CloudWatchLogHistogramBucket'
          type: array
        missedSources:
          description: >-
            Log groups of the sources whose aggregation could not be queried
            (empty unless `partial` is true).
          items:
            type: string
          type: array
        partial:
          description: >-
            True when one or more sources' aggregation could not be queried, so
            those sources are omitted from the bar counts. Listed in
            `missedSources`.
          type: boolean
        periodSeconds:
          description: The histogram bucket period in seconds
          format: int32
          type: integer
      required:
        - histogram
        - periodSeconds
        - partial
        - missedSources
      type: object
    Errors.UserFacingErrorData:
      additionalProperties: false
      description: |-
        User-facing error presentation data.
        This is what the API returns to the frontend after formatting ErrorData
        using CEL templates from the error registry.

        Used for both:
        - Error fields on domain models (e.g., PipelineRun.error)
        - API error response bodies (HTTP 4xx/5xx responses)
      properties:
        action:
          allOf:
            - $ref: '#/components/schemas/Errors.Action'
          description: Optional action to help resolve the error
        code:
          description: Full error code, e.g., "Ravion:Pipeline:NOT_FOUND"
          type: string
        description:
          description: Additional description with more details
          type: string
        details:
          description: Structured details rendered as user-facing sections.
          items:
            $ref: '#/components/schemas/Errors.UserFacingErrorDetailSection'
          type: array
        isInternal:
          description: >-
            Indicates whether this error is internal (only set when
            ShowInternal=true).

            This allows SUPERADMINs to identify internal errors while viewing
            full details.
          type: boolean
        message:
          description: Main error message (required)
          type: string
        metadata:
          additionalProperties: {}
          description: >-
            Error params/metadata. Stripped for internal errors unless
            superadmin.
          type: object
        requestId:
          description: Request ID for correlating errors with server logs.
          type: string
      required:
        - code
        - message
      type: object
    CloudWatchLogFilter:
      additionalProperties: false
      description: >-
        One node in the structured log-filter predicate tree. `kind`
        discriminates the node; the other fields are populated per kind. The
        empty filter is `{kind:"all"}`. This is the wire form of the LogSearch
        AST — the server translates it into the source's query language
        (CloudWatch Logs Insights today), so negation/OR/grouping are honored
        server-side rather than dropped on the client.
      properties:
        filter:
          allOf:
            - $ref: '#/components/schemas/CloudWatchLogFilter'
          description: Child predicate for a `not` node.
        filters:
          description: Child predicates for `and` / `or` nodes.
          items:
            $ref: '#/components/schemas/CloudWatchLogFilter'
          type: array
        kind:
          description: >-
            Node kind: `all` (match everything) | `and` | `or` | `not` | `field`
            | `text`.
          type: string
        operator:
          description: >-
            Match operator for a `field` node: `eq` | `neq` | `contains` |
            `regex` | `gt` | `gte` | `lt` | `lte`. (Named `operator`, not `op`,
            because `op` is a TypeSpec keyword.)
          type: string
        path:
          description: >-
            Field path for a `field` node. The well-known paths `level` and
            `stream` route to dedicated channels (classified level /
            `@logStream`); any other path matches a JSON key:value fragment in
            `@message`.
          type: string
        value:
          description: >-
            Literal value for a `field` or `text` node. Shipped RAW — the server
            does all escaping.
          type: string
      required:
        - kind
      type: object
    CloudWatchLogHistogramBucket:
      additionalProperties: false
      description: A time bucket in the per-level log histogram
      properties:
        bucketStartMs:
          description: Bucket start as epoch milliseconds
          format: int64
          type: integer
        counts:
          $ref: '#/components/schemas/CloudWatchLogLevelCounts'
      required:
        - bucketStartMs
        - counts
      type: object
    Errors.Action:
      additionalProperties: false
      description: Action to help user resolve the error
      properties:
        label:
          description: Button/link label text
          type: string
        url:
          description: URL to navigate to for resolution
          type: string
      required:
        - label
        - url
      type: object
    Errors.UserFacingErrorDetailSection:
      additionalProperties: false
      description: Structured user-facing error detail section.
      properties:
        items:
          description: List of detail values for this section.
          items:
            type: string
          type: array
        object:
          additionalProperties: {}
          description: Structured detail payload for object rendering.
          type: object
        render:
          description: Rendering hint for clients. Valid values are list or object.
          type: string
        title:
          description: Detail section title shown in the UI.
          type: string
      required:
        - title
        - render
      type: object
    CloudWatchLogLevelCounts:
      additionalProperties: false
      description: Per-level event counts within a histogram bucket (folded to 4 levels)
      properties:
        debug:
          format: int32
          type: integer
        error:
          format: int32
          type: integer
        info:
          format: int32
          type: integer
        warn:
          format: int32
          type: integer
      required:
        - debug
        - info
        - warn
        - error
      type: object
  securitySchemes:
    BearerAuth:
      scheme: Bearer
      type: http

````