Skip to main content
Panther Knowledge Base

Can I onboard Enrichment data to Panther from S3 if my data is in a JSON array?

  1. Last updated
  2. Save as PDF

QUESTION

 Can I onboard Enrichment data from S3 If my data is in JSON array?

ANSWER

No, you cannot. If you are trying to onboard Enrichment data from S3, your logs mist be formatted as either JSONL or CSV format. They cannot be in a JSON array.

If it is possible for your organization, use a third-party software to pre-process your data file before it's sent to S3 (e.g Cribl, Fluentd, etc).

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.