aws-samples/siem-on-amazon-opensearch-service

Issues

• Support for Opensearch 2.13 / 2.15 / 2.17

  #460 opened 5 months ago by devvick
  1

• aes-siem-es-loader [ERROR] KeyError: '@id'

  #464 opened 2 months ago by iizuka-1112
  0

• EKS Audit Log Collected by Security Lake Not Loaded

  #459 opened 7 months ago by yusukex2
  1

• Inspector2 Log ingesting fail due to timestamp formatting change

  #457 opened 8 months ago by lafayette-soc
  1

• Need Guidance on Ingesting Fortigate Firewall Logs from S3 to OpenSearch

  #450 opened 9 months ago by zahirktk78
  4

• インラインポリシー「add-pandas-layer-policy」へ「lambda:ListTags」の権限追加

  #461 opened 4 months ago by yusuke-takikawa-s
  0

• The amount of logs inserted in opensearch are too large

  #452 opened 9 months ago by ripperi8u
  3

• AWS lambda log investigate

  #458 opened 7 months ago by s25arunkumar
  0

• Amplify Support

  #455 opened 8 months ago by rsi-mrobinson
  0

• Add metadata to Amazon VPC flow logs

  #454 opened 9 months ago by teppeikamohara
  0

• [ERROR] KeyError: 'userIdentity.type'

  #449 opened 9 months ago by jamaaljackson
  0

• No Action Required to "Security Lake update to latest parquet version"

  #448 opened 9 months ago by nakajiak
  0

• Object mapping for [requestParameters.map.groupBy] tried to parse field [groupBy] as object, but found a concrete value

  #447 opened 10 months ago by FerFabbiano
  1

• Support a method to directly ingest logs from the S3 bucket of Security Lake

  #443 opened 10 months ago by valmet083
  0

• Support for Security lake with OCSF v1.1.0 and Apache Iceberg

  #437 opened a year ago by nakajiak
  0

• Enriching x-forwarded-for field doesn't work in CloudFront Logs

  #423 opened a year ago by yoshiyama3
  0

• CloudTrail load: Error on requestParameters.overrides.containerOverrides.environment due to varied type

  #430 opened a year ago by kkumler
  1

• object mapping for [requestParameters.overrides.containerOverrides.environment] tried to parse field [environment] as object

  #446 opened 10 months ago by duffybelfield
  0

• Unable to integrate Control Tower in GovCloud environment

  #445 opened 10 months ago by nakajiak
  0

• An error occurred (ValidationException) when calling the UpdateDomainConfig operation

  #444 opened 10 months ago by nakajiak
  0

• Cannot import OpenSearch Dashboard's configuration files from dashboard.ndjson

  #439 opened a year ago by uniuuu
  5

• Deploy with VPC endpoint

  #429 opened a year ago by rom1spi
  1

• Slow es-loader with warning

  #438 opened a year ago by duffybelfield
  1

• Support for Opensearch 2.11

  #432 opened a year ago by stevec1980
  3

• Runtime.ImportModuleError: Unable to import module 'lambda_function': cannot import name 'is_s3express_bucket' from 'botocore.utils'

  #440 opened a year ago by nakajiak
  0

• Support AWS Canada (Calgary) Region

  #441 opened a year ago by nakajiak
  0

• update pandas sdk to v3.7.1

  #442 opened a year ago by nakajiak
  0

• Error loading WAF log to OpenSearch: "mapper_parsing_exception"

  #436 opened a year ago by kynging
  0

• Issues Ingesting VPC Flow Logs into OpenSearch SIEM with AWS Secure Environment Accelerator

  #435 opened a year ago by zahirktk78
  0

• Create Detection Rule with Custom Log Type

  #433 opened a year ago by khairulhabibataws
  1

• Cloudtrailのログを取り込む際、HIDDEN_DUE_TO_SECURITY_REASONSという文字列で秘匿化処理がかかったフィールドが混じったログの取り込みが失敗する

  #431 opened a year ago by tmat-s
  1

• Invalid regex pattern of alb

  #415 opened a year ago by mrobinson1022
  7

• Change Lambda runtime from Python 3.8/3.9 to Python 3.11

  #427 opened a year ago by nakajiak
  0

• lambda es-loader datetime.fromisoformat does not work with most ISO strings

  #422 opened a year ago by PascalArevalo
  4

• Enhance error handling for SQS

  #424 opened a year ago by nakajiak
  0

• Log exporter for PostgreSQL

  #425 opened a year ago by nakajiak
  0

• Parsing error for source port in linux log

  #426 opened a year ago by nakajiak
  0

• Need help with showing RDS logs

  #416 opened a year ago by apseftis86
  4

• enhance index alias logic and delete unnecessary indices

  #419 opened a year ago by nakajiak
  0

• update pandas sdk to v3.4.0

  #420 opened a year ago by nakajiak
  0

• Open VPN Logs

  #414 opened a year ago by redxking
  1

• AWS Cloudtrail parsing failure

  #412 opened a year ago by alemairebe
  6

• [question] Is it possible to monitor more than one S3 log bucket?

  #413 opened a year ago by 4sm-ops
  1

• Support OpenSearch 2.9

  #409 opened a year ago by nakajiak
  0

• support for nginx web server

  #408 opened a year ago by nakajiak
  0

• X-Forwarded-For enrichment

  #407 opened a year ago by nakajiak
  0

• Support for Apache Web Server

  #405 opened a year ago by nakajiak
  0

• support for Multi-AZ with Standby

  #403 opened a year ago by nakajiak
  0

• EC2 linux logs exporter

  #404 opened a year ago by nakajiak
  0

• dependency issue of ExecCustomResourceValidator

  #406 opened a year ago by nakajiak
  0