[AWS] Add CloudWatch logs latency config option

[zmoog]

Motivation

If the logs collection starts at 10:00, then the input will gather logs in this time window:

• start: 09:59
• end: 10:00

Unfortunately, logs sometimes become available in CloudWatch with a delay; in these circumstances, the input of the CloudWatch logs could miss them.

For example, if a log event is:

• created: 09:59:30
• available 10:00:30

The input will miss that event with the default latency setting ¹.

However, the CloudWatch Logs input has a setting called latency that allows users to adjust the logs collection time window to cope with the AWS services' latency.

Change description

Make the CloudWatch Logs input setting option latency available in the integration settings.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Related issues

• Closes AWS Cloudwatch integration missing latency option #5712

Screenshots

Settings UI

Documentation

Footnotes

1. The input will pick that log event up at the next restart if "start position" is set to "beginning". ↩

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2023-04-04T13:48:40.658+0000

• Duration: 52 min 33 sec

Test stats 🧪

Test	Results
Failed	0
Passed	188
Skipped	4
Total	192

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (15/15)	💚
Files	93.75% (15/16)	👎 -6.25
Classes	93.75% (15/16)	👎 -6.25
Methods	86.131% (236/274)	👎 -9.107
Lines	85.925% (7387/8597)	👎 -8.88
Conditionals	100.0% (0/0)	💚

[endorama]

This PR closes #5712

[endorama]

I see there is a description in the screenshot and I expected to see it here. Is this missing the description field?

[zmoog]

Thanks (again) for noticing this!

I missed the line with the description field because it was attached to another change for a different PR 🤦🤦

[zmoog]

Added with 17afdcf

[endorama]

I would document the format expected by this setting, as it may not be familiar. (es a link to the documentation for the underlying string parser that converts strings to time durations)

[zmoog]

Good point! Adding it.

[zmoog]

What do you think about this?

Details at 2091d4e

[zmoog]

This PR closes #5712

Oh boy, thank you for the heads up; I forgot to add a reference to this issue! 🤦 (added in the PR description)

[elasticmachine]

Package aws - 1.33.0 containing this change is available at https://epr.elastic.co/search?package=aws