JSON parser file attached, this is not a drop-in, customization for your environment will be required, consider this a template.
You will need the developer's guide:
Also, for reference here is the AWS guide:
AWS CloudTrail User Guide
Issues I currently have with this config:
You are doing an amazing job and I hate to be a competitor, but just FYI: we release yesterday an AWS CloudTrail connector. See here: ArcSight SmartConnector Build 126.96.36.19975 is now available
Do you know can it read the zipped files that are default for S3?
No clue. I can check, but can you elaborate a bit on the question for someone like me who is not an AWS, let alone AWS logging, expert?
I am having the same issue with nested JSON. YOu stated you may have found the fix. You mid sharing. Thanks
Retrieving data ...