QUESTION

Does Panther support the field discovery and infer schema features when configuring an AWS CloudWatch Logs source?

ANSWER

Panther does not support the field discovery and infer schema features for this log source type. If you are interested in support for these features, please contact Panther Support to put in a request.

As a workaround, you can use the provided CloudFormation/Terraform template while setting up the CloudWatch Logs source. This template will create an S3 bucket. You can then onboard this S3 bucket into Panther by setting it up as an S3 source, which will allow you to use the Infer Schema feature.