Athena query on CloudFront Logs for max rate during 5 minute interval

Maybe there’s a shorter way to express it, but you should be able to use the following expression to round your date + time to 5 minute intervals:

from_unixtime(floor(to_unixtime(from_iso8601_timestamp(CONCAT(CAST(date AS VARCHAR), 'T', time, 'Z'))) / 300) * 300)

If you use that in your first query you should get what you’re after.

