How do I infer sample Cloudwatch Log Events and or JSON Array Events in Panther?

Last updated
Save as PDF

QUESTION

ANSWER

After uploading a sample file to infer logs, you can select the Stream Type. The options are lines, JSONArray, and CloudWatch Logs.

As of version 1.53, Panther supports JSON stream types for inferring schemas from an S3 source that are not new-line delimited or are multi-line JSON.

See Panther's documentation for more information on inferring a schema.