QUESTION

How do I send payloads larger than 1MB to HTTP webhook log sources in Panther?

ANSWER

Panther’s HTTP webhook has a 1MB size limit because the data goes straight to processing systems that cannot handle larger payloads. To work around this and send larger data efficiently, you can:

• Instead of sending data directly to the webhook, send it to a cloud storage service like Amazon S3 bucket. This allows Panther to handle bigger files and break them into smaller parts for processing.

• Configure Fluent Bit to send your data to S3. For an example configuration, check out the Panther documentation.