ParseToOCSFProperty

class aws_cdk.aws_logs.ParseToOCSFProperty(*, event_source, ocsf_version, source=None)

Bases: object

Processor to parse events from CloudTrail, Route53Resolver, VPCFlow, EKSAudit and AWSWAF into OCSF V1.1 format.

Parameters:
  • event_source (OCSFSourceType) – Type of input log event source to convert to OCSF format.

  • ocsf_version (OCSFVersion) – Version of OCSF schema to convert to.

  • source (Optional[str]) – Path to the field in the log event that will be parsed. Use dot notation to access child fields. Default: @message

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_logs as logs

parse_to_ocsf_property = logs.ParseToOCSFProperty(
    event_source=logs.OCSFSourceType.CLOUD_TRAIL,
    ocsf_version=logs.OCSFVersion.V1_1,

    # the properties below are optional
    source="source"
)

Attributes

event_source

Type of input log event source to convert to OCSF format.

ocsf_version

Version of OCSF schema to convert to.

source

Path to the field in the log event that will be parsed.

Use dot notation to access child fields.

Default:

@message