Sometimes your data across log sources is not written to a dedicate key prefix for each log source. To enable more advanced use cases, we now allow supplying a key_pattern which will be used to match the incoming object based on a known pattern (e.g. r'.AWSLogs.'). This can be used in combination with key_prefix which will be used for limiting the grant read policy on Matano's role if supplied. For example:
ingest:
s3_source:
bucket_name: my-s3-bucket
key_prefix: AWSLogs
key_pattern: AWSLogs/.*/CloudTrail # regex to match files written for AWS cloudtrail with a wildcard for account names
See #90
Sometimes your data across log sources is not written to a dedicate key prefix for each log source. To enable more advanced use cases, we now allow supplying a
key_pattern
which will be used to match the incoming object based on a known pattern (e.g. r'.AWSLogs.'). This can be used in combination withkey_prefix
which will be used for limiting the grant read policy on Matano's role if supplied. For example: