aws-samples / siem-on-amazon-opensearch-service

A solution for collecting, correlating and visualizing multiple types of logs to help investigate security incidents.
MIT No Attribution

Inspector2 Log ingesting fail due to timestamp formatting change #457

Open lafayette-soc opened 3 months ago

lafayette-soc commented 3 months ago

AWS recently updated the timestamp formatting on the Inspector v2 log "updatedAt" field.

The old timestamp looks like "updatedAt":"Jun 18, 2024, 12:27:04 AM".

The new timestamp looks like "updatedAt":"Thu Jun 20 01:47:55.779 UTC 2024".

This change causes the es-loader function to fail to load any new Inspector logs into OpenSearch.
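An added example, not part of the original issue and not the project's es-loader code: a parser that accepts both `updatedAt` formats quoted above and sets aside records it cannot parse, so a format change shows up as a rejected count rather than as silently missing findings. The function names, the sample records and the choice to treat the old zone-less format as UTC are assumptions.

```python
from datetime import datetime, timezone

# Formats derived from the two sample values quoted in the issue.
OLD_FORMAT = "%b %d, %Y, %I:%M:%S %p"        # Jun 18, 2024, 12:27:04 AM
NEW_FORMAT = "%a %b %d %H:%M:%S.%f %Z %Y"    # Thu Jun 20 01:47:55.779 UTC 2024
KNOWN_FORMATS = (NEW_FORMAT, OLD_FORMAT)


def parse_updated_at(value):
    """Return an aware UTC datetime, or None if no known format matches."""
    if not isinstance(value, str):
        return None
    # Collapse runs of whitespace so stray spacing does not break parsing.
    text = " ".join(value.split())
    for fmt in KNOWN_FORMATS:
        try:
            parsed = datetime.strptime(text, fmt)
        except ValueError:
            continue
        # Assumption: the old format carries no zone, so it is treated as UTC.
        return parsed.replace(tzinfo=timezone.utc)
    return None


def normalize_findings(findings):
    """Split findings into (loadable, rejected) instead of failing the batch."""
    loadable, rejected = [], []
    for finding in findings:
        ts = parse_updated_at(finding.get("updatedAt"))
        if ts is None:
            rejected.append(finding)  # keep for alerting and later replay
            continue
        iso = ts.isoformat(timespec="milliseconds")
        loadable.append({**finding, "updatedAt": iso})
    return loadable, rejected


# Constructed sample records; only the first two updatedAt values come from the issue.
SAMPLE = [
    {"id": "constructed-1", "updatedAt": "Jun 18, 2024, 12:27:04 AM"},
    {"id": "constructed-2", "updatedAt": "Thu Jun 20 01:47:55.779 UTC 2024"},
    {"id": "constructed-3", "updatedAt": "2024/06/20 01:47"},
]

if __name__ == "__main__":
    ok, bad = normalize_findings(SAMPLE)
    for doc in ok:
        print(doc["id"], doc["updatedAt"])
    print("rejected:", [d["id"] for d in bad])
```

Alerting on a non-zero rejected count gives early warning the next time an upstream log format changes.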