{"type":"doc","content":[{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"toc","parameters":{"macroParams":{"maxLevel":{"value":"2"},"type":{"value":"flat"}},"macroMetadata":{"macroId":{"value":"4a7c0f57-709b-42c4-a35e-d1ca7cba1005"},"schemaVersion":{"value":"1"},"title":"Table of Contents"}},"localId":"950253b5-f179-4e26-bf18-1aeb31ec3196"}},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Devo recommends using the ","type":"text"},{"text":"AWS SQS collector","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.devo.com/space/latest/94655615/AWS+(S3+SQS)+collector"}}]},{"text":" instead of the AWS collector. SQS improves ease of use, reliability, and performance.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Overview","type":"text"}]},{"type":"paragraph","content":[{"text":"Amazon Web Services (AWS) provides on-demand cloud computing platforms and APIs to individual companies. Each available AWS service generates information related to different aspects of its functionality. The available data types include service events, audit events, metrics, and logs.","type":"text"}]},{"type":"paragraph","content":[{"text":"You can use the ","type":"text"},{"text":"AWS collector","type":"text","marks":[{"type":"strong"}]},{"text":" to retrieve data from the AWS APIs and send it to your Devo domain. Once the gathered information arrives at Devo, it will be processed and included in different tables in the associated Devo domain so users can analyze it.","type":"text"}]},{"type":"paragraph","content":[{"text":"To run this collector, there are some configurations detailed below that you need to consider:","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"5eff26c3-f1bf-48f1-bc66-75d38031e771"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[216.0]},"content":[{"type":"paragraph","content":[{"text":"Configuration","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[544.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[216.0]},"content":[{"type":"paragraph","content":[{"text":"Credentials","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[544.0]},"content":[{"type":"paragraph","content":[{"text":"There are several available options to define credentials.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[216.0]},"content":[{"type":"paragraph","content":[{"text":"Service events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[544.0]},"content":[{"type":"paragraph","content":[{"text":"All the service events that are generated on AWS are managed by Cloudwatch. However, Devo’s AWS collector offers two different services that collect Cloudwatch events:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"sqs-cloudwatch-consumer","type":"text","marks":[{"type":"code"}]},{"text":" - This service is used to collect Security Hub events.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"service-events-all","type":"text","marks":[{"type":"code"}]},{"text":" -This service is used to collect events from the rest of the services on AWS.","type":"text"}]}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[216.0]},"content":[{"type":"paragraph","content":[{"text":"Audit events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[544.0]},"content":[{"type":"paragraph","content":[{"text":"For the S3+SQS approach (setting types as audits_s3) some previous configuration is required.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[216.0]},"content":[{"type":"paragraph","content":[{"text":"Logs","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[544.0]},"content":[{"type":"paragraph","content":[{"text":"Logs can be collected from different services. Depending on the type, some previous setups must be applied on AWS.","type":"text"}]}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"More information","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"Refer to the ","type":"text"},{"text":"Vendor setup ","type":"text","marks":[{"type":"link","attrs":{"href":"#"}}]},{"text":"section to know more about these configurations.","type":"text"}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"If you need to pull global service events created by CloudFront, IAM and AWS STS, US regions will need to be enabled within the collector. For more information, see ","type":"text"},{"text":"Viewing CloudTrail events with the AWS CLI","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events-cli.html"}}]},{"text":" and ","type":"text"},{"text":"Using update-trail","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-create-and-update-a-trail-by-using-the-aws-cli-update-trail.html"}}]},{"text":".","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Devo collector features","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"0ab3b2ef-2f2a-4b04-9967-e08c1200cb68"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Feature","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Allow parallel downloading (","type":"text"},{"text":"multipod","type":"text","marks":[{"type":"code"}]},{"text":")","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"not allowed","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Running environments","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"collector server","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"on-premise","type":"text","marks":[{"type":"code"}]}]}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Populated Devo events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"table","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"Flattening preprocessing","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[380.0]},"content":[{"type":"paragraph","content":[{"text":"no","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Data sources","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"342ef149-28ba-4bf9-9b6e-7bada89444df"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Data source","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"API endpoint","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Collector service name","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[119.0]},"content":[{"type":"paragraph","content":[{"text":"Devo table","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"Available from release","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Service events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"The different available services in AWS usually generate some information related to their internal behaviors, such as \"a virtual machine has been started\", \"a new file has been created in an S3 bucket\" or \"an AWS lambda function has been invoked\" and this kind of event can be triggered by no human interaction.","type":"text"}]},{"type":"paragraph","content":[{"text":"The service events are managed by the ","type":"text"},{"text":"CloudWatch Events","type":"text","marks":[{"type":"code"}]},{"text":" service (","type":"text"},{"text":"CWE","type":"text","marks":[{"type":"code"}]},{"text":"), recently AWS has created a new service called ","type":"text"},{"text":"Amazon EventBridge","type":"text","marks":[{"type":"code"}]},{"text":" that tends to replace the ","type":"text"},{"text":"CWE","type":"text","marks":[{"type":"code"}]},{"text":" service.","type":"text"}]},{"type":"paragraph","content":[{"text":"The findings detected by ","type":"text"},{"text":"AWS Security Hub","type":"text","marks":[{"type":"code"}]},{"text":" are also managed by ","type":"text"},{"text":"CloudWatch Events (CWE)","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"ReceiveMessage","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"ReceiveMessage - Amazon Simple Queue Service","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ReceiveMessage.html"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Generic events:","type":"text"}]},{"type":"paragraph","content":[{"text":"service-events-all","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"Security Hub events:","type":"text"}]},{"type":"paragraph","content":[{"text":"sqs-cloudwatch-consumer","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"paragraph","content":[{"text":"Generic events:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is not set or set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudwatch.events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudwatch.{event_type}","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"paragraph","content":[{"text":"Security Hub events:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"cloud.aws.securityhub.findings","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Audit events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"This kind of event is more specific because they are triggered by a human interaction no matter the different ways used: API, web interaction, or even the CLI console.","type":"text"}]},{"type":"paragraph","content":[{"text":"The audit events are managed by the ","type":"text"},{"text":"CloudTrail","type":"text","marks":[{"type":"code"}]},{"text":" service.","type":"text"}]},{"type":"paragraph","content":[{"text":"There are two ways to read Audit events:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"API: using CloudTrail API. This way is slower, but it can retrieve data back in time.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"S3+SQS: forwarding CloudTrail data to an S3 bucket and reading from there through a SQS queue. This way is much faster, but it only can retrieve elements since the creation of the S3+SQS pipeline.","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Via API:","type":"text"}]},{"type":"paragraph","content":[{"text":"LookupEvents","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"LookupEvents - AWS CloudTrail","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_LookupEvents.html"}}]}]},{"type":"paragraph","content":[{"text":"Via S3+SQS:","type":"text"}]},{"type":"paragraph","content":[{"text":"ReceiveMessage","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"ReceiveMessage - Amazon Simple Queue Service","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ReceiveMessage.html"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"audit-events-all","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is not set or set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudtrail.events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudtrail.{event_type}","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Metrics","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"According to the standard definition, this kind of information is usually generated at the same moment is requested because it is usually a query about the status of a service (all things inside AWS are considered services).","type":"text"}]},{"type":"paragraph","content":[{"text":"AWS makes something slightly different because what is doing is to generate metrics information every N time slots, such as 1 min, 5 min, 30 min, 1h, etc., even if no one makes a request (also is possible to have information every X seconds but this would require extra costs).","type":"text"}]},{"type":"paragraph","content":[{"text":"The metrics are managed by the ","type":"text"},{"text":"CloudWatch Metrics","type":"text","marks":[{"type":"code"}]},{"text":" service (","type":"text"},{"text":"CWM","type":"text","marks":[{"type":"code"}]},{"text":").","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"ListMetrics","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"ListMetrics - Amazon CloudWatch","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html"}}]}]},{"type":"paragraph","content":[{"text":"After listing the metrics, ","type":"text"},{"text":"GetMetricData","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"GetMetricStatistics","type":"text","marks":[{"type":"code"}]},{"text":" are also called.","type":"text"}]},{"type":"paragraph","content":[{"text":"GetMetricData - Amazon CloudWatch","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricData.html"}}]}]},{"type":"paragraph","content":[{"text":"GetMetricStatistics - Amazon CloudWatch","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_GetMetricStatistics.html"}}]}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"metrics-all","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"paragraph","content":[{"text":"cloud.aws.cloudwatch.metrics","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Logs","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Logs could be defined as information with a non-fixed structure that is sent to one of the available “logging” services, these services are ","type":"text"},{"text":"CloudWatch Logs","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"There are some very customizable services, such as ","type":"text"},{"text":"AWS Lambda","type":"text","marks":[{"type":"code"}]},{"text":", or even any developed application which is deployed inside an AWS virtual machine (","type":"text"},{"text":"EC2","type":"text","marks":[{"type":"code"}]},{"text":"), that can generate custom log information, this kind of information is managed by the ","type":"text"},{"text":"CloudWatch Logs","type":"text","marks":[{"type":"code"}]},{"text":" service (","type":"text"},{"text":"CWL","type":"text","marks":[{"type":"code"}]},{"text":") and also by the ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"code"}]},{"text":" service.","type":"text"}]},{"type":"paragraph","content":[{"text":"There are also some other services that can generate logs with a fixed structure, such as ","type":"text"},{"text":"VPC Flow Logs","type":"text","marks":[{"type":"code"}]},{"text":" or ","type":"text"},{"text":"CloudFront Logs","type":"text","marks":[{"type":"code"}]},{"text":". These kinds of services require one special way of collecting their data.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"DescribeLogStreams","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"DescribeLogStreams - Amazon CloudWatch Logs","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogStreams.html"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Logs can be:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Managed by Cloudwatch: This is a custom service that is activated using service ","type":"text"},{"text":"custom_service","type":"text","marks":[{"type":"code"}]},{"text":" and including the type ","type":"text"},{"text":"logs","type":"text","marks":[{"type":"code"}]},{"text":" into the ","type":"text"},{"text":"types","type":"text","marks":[{"type":"code"}]},{"text":" parameter in the config file.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Not managed by Cloudwatch: Use ","type":"text"},{"text":"non-cloudwatch-logs","type":"text","marks":[{"type":"code"}]},{"text":" service and include the required type (","type":"text"},{"text":"flowlogs","type":"text","marks":[{"type":"code"}]},{"text":" for VPC Flow Logs and/or ","type":"text"},{"text":"cloudfrontlogs","type":"text","marks":[{"type":"code"}]},{"text":" for CloudFront Logs) into the ","type":"text"},{"text":"types","type":"text","marks":[{"type":"code"}]},{"text":" parameter in the config file.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Managed by Cloudwatch: ","type":"text"},{"text":"cloud.aws.cloudwatch.logs","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Not managed by Cloudwatch:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"VPC Flow Logs:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.vpc.unknown","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.vpc.{event_type}","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"CloudFront Logs:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudfront.unknown","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter in config file is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":": ","type":"text"},{"text":"cloud.aws.cloudfront.{event_type}","type":"text","marks":[{"type":"code"}]}]}]}]}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"AWS GuardDuty","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"AWS GuardDuty is a managed threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.","type":"text"}]},{"type":"paragraph","content":[{"text":"Data Sources","type":"text","marks":[{"type":"strong"}]},{"text":": GuardDuty ingests and processes data from AWS CloudTrail logs, VPC Flow Logs, and DNS logs","type":"text"},{"type":"hardBreak"}]},{"type":"paragraph","content":[{"text":"Findings","type":"text","marks":[{"type":"strong"}]},{"text":": When a potential threat is detected, GuardDuty generates a finding. These findings provide details about the activity, including the affected resources, type of threat, and suggested remediation actions.","type":"text"}]},{"type":"paragraph","content":[{"text":"We are using API to get findings of GuardDuty service.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"What is Amazon GuardDuty? - Amazon GuardDuty","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"aws-guardduty","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"cloud.aws.guardduty.findings","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"v1.10.0","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[135.0]},"content":[{"type":"paragraph","content":[{"text":"Cisco Umbrella [Non-AWS service]","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Cisco Umbrella is a cloud-driven Secure Internet Gateway (SIG) that leverages insights gained through the analysis of various logs, including DNS logs, IP logs, and Proxy logs, to provide a first line of defense.","type":"text"}]},{"type":"paragraph","content":[{"text":"DNS logs","type":"text","marks":[{"type":"strong"}]},{"text":" record all DNS queries that are made through the Cisco Umbrella DNS resolvers. These logs contain data about the DNS queries originating from your network, requested domain names and the IP address of the requester.","type":"text"}]},{"type":"paragraph","content":[{"text":"IP logs","type":"text","marks":[{"type":"strong"}]},{"text":" capture all IP-based communications that occur through the network. These logs store details such as the source and destination IP addresses, ports and protocols used.","type":"text"}]},{"type":"paragraph","content":[{"text":"Proxy logs","type":"text","marks":[{"type":"strong"}]},{"text":" are generated when users access web resources through the Cisco Umbrella intelligent proxy. They contain detailed information on the web traffic including the URL accessed, the method of access (GET, POST, etc.), the response status, etc","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"Via S3+SQS:","type":"text"}]},{"type":"paragraph","content":[{"text":"ReceiveMessage","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"ReceiveMessage - Amazon Simple Queue Service","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_ReceiveMessage.html"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[125.0]},"content":[{"type":"paragraph","content":[{"text":"cisco-umbrella","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[119.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"sig.cisco.umbrella.dns","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"sig.cisco.umbrella.ip","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"sig.cisco.umbrella.proxy","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.6.0","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Vendor setup","type":"text"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.macro.core","extensionKey":"anchor","parameters":{"macroParams":{"":{"value":"Vendor-setup"},"legacyAnchorId":{"value":"AWScollector-Vendor-setup"}},"macroMetadata":{"macroId":{"value":"bc9e2b58c6560620f4163940b6de9945"},"schemaVersion":{"value":"1"},"title":"Anchor"}},"localId":"df33c3f8-1130-476f-807f-3a6ba1c532c2"}}]},{"type":"paragraph","content":[{"text":"There are some minimal requirements to set up this collector:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"AWS console access: Credentials are required to access the AWS console.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Owner or Administrator permissions within the AWS console, or the fill access to configure AWS services.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Some manual actions are necessary in order to get all the required information or services and allow Devo to gather information from AWS. The following sections describe how to get the required AWS credentials and how to proceed with the different required setups depending on the gathered information type.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Credentials","type":"text"}]},{"type":"paragraph","content":[{"text":"It’s recommended to have available or create the following IAM policies before the creation of the IAM user that will be used for the AWS collector.","type":"text"}]},{"type":"expand","attrs":{"title":"Policy details"},"content":[{"type":"paragraph","content":[{"text":"Some collector services require the creation of some IAM policies before creating the IAM user that will be used for the AWS collector. The following table contains the details about the policies that could be used by the AWS collector:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"146f5039-c512-4c07-829a-17e4ef57444c"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Source type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"AWS Data Bus","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"Recommended policy name","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"Variant","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":" Additional info","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Service events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"CloudWatch Events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cloudwatch-events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All resources","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"panel","attrs":{"panelType":"success"},"content":[{"type":"paragraph","content":[{"text":"It’s not required the creation of any new policy due to there are not needed any permissions","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":3,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Audit events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"CloudTrail API","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cloudtrail-api","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All resources","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"cloudtrail:LookupEvents\",\n \"Resource\": \"*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"Specific resource","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"panel","attrs":{"panelType":"error"},"content":[{"type":"paragraph","content":[{"text":"There is no way for limiting the accessed resources","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"CloudTrail S3+SQS","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cloudtrail-s3","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All resources","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"-","type":"text","marks":[{"type":"code"}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"-","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"Specific S3 bucket","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the value for the property called Resource should be changed with the proper value","type":"text"}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"It very important the ","type":"text"},{"text":"/*","type":"text","marks":[{"type":"code"}]},{"text":" string at the end of each bucket name","type":"text"}]}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": [\n \"arn:aws:s3:::devo-cloudtrail-storage-bucket1/*\",\n \"arn:aws:s3:::devo-cloudtrail-storage-bucket2/*\"\n ]\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Metrics","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"CloudWatch Metrics","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cloudwatch-metrics","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All resources","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"cloudwatch:GetMetricData\",\n \"cloudwatch:ListMetrics\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Specific resource","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"panel","attrs":{"panelType":"error"},"content":[{"type":"paragraph","content":[{"text":"There is no way for limiting the accessed resources","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":4,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Logs","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"CloudWatch Logs","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cloudwatch-logs","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All log groups","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the value for property ","type":"text"},{"text":"Resource","type":"text","marks":[{"type":"code"}]},{"text":" should be adapted with the proper account id value.","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:FilterLogEvents\"\n ],\n \"Resource\": \"arn:aws:logs:*:936082584952:log-group:*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Specific log groups","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that values inside the ","type":"text"},{"text":"Resources","type":"text","marks":[{"type":"code"}]},{"text":" property are only examples and they should be changed with the proper values.","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:DescribeLogGroups\",\n \"logs:DescribeLogStreams\",\n \"logs:FilterLogEvents\"\n ],\n \"Resource\": [\n \"arn:aws:logs:*:936082584952:log-group:/aws/events/devo-cloudwatch-test-1:*\",\n \"arn:aws:logs:*:936082584952:log-group:/aws/events/devo-cloudwatch-test-2:*\"\n ]\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Logs to S3 + SQS","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-vpcflow-logs","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"All resources","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Specific resource","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::vpc-flowlogs-test1/*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"Cisco Umbrella","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Logs to S3 + SQS","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-cisco-umbrella","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"Specific resource","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"VisualEditor0\",\n \"Effect\": \"Allow\",\n \"Action\": \"s3:GetObject\",\n \"Resource\": \"arn:aws:s3:::cisco-logs-us-west-1//*\"\n }\n ]\n}","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[104.0]},"content":[{"type":"paragraph","content":[{"text":"AWS GuardDuty","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[86.0]},"content":[{"type":"paragraph","content":[{"text":"Guardduty API","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"devo-guardduty-api","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[137.0]},"content":[{"type":"paragraph","content":[{"text":"Specific resource","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"codeBlock","content":[{"text":"{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"guardduty:GetFindings\",\n \"guardduty:ListFindings\",\n \"guardduty:ListDetectors\"\n ],\n \"Resource\": \"arn:aws:guardduty:::detector/*\"\n\"Resource\": \"arn:aws:guardduty:::detector/*\"\n\n }\n ]\n}","type":"text"}]}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"All the previous policies are defined to be ","type":"text"},{"text":"AWS region","type":"text","marks":[{"type":"em"}]},{"text":" agnostic, which means, that they will be valid for any ","type":"text"},{"text":"AWS region","type":"text","marks":[{"type":"em"}]},{"text":".","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Using a user account and local policies"},"content":[{"type":"paragraph","content":[{"text":"Depending on which source types are collected, one or more of the policies described above will be used. Once the required policies are created, each one must be associated with an IAM user. To create it, visit the ","type":"text"},{"text":"AWS Console","type":"text","marks":[{"type":"link","attrs":{"href":"https://aws.amazon.com/es/"}}]},{"text":" and log in with a user account with enough permissions to create and access AWS structures:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"IAM → Users","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Add users","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Enter the required value in the filed ","type":"text"},{"text":"User name","type":"text","marks":[{"type":"em"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Enable the checkbox ","type":"text"},{"text":"Access key - Programmatic access","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Next: Tags ","type":"text","marks":[{"type":"strong"}]},{"text":"button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Next: Review","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create user","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"Access Key ID","type":"text","marks":[{"type":"strong"}]},{"text":" and ","type":"text"},{"text":"Secret Key ","type":"text","marks":[{"type":"strong"}]},{"text":"will show. Click ","type":"text"},{"text":"Download.csv ","type":"text","marks":[{"type":"strong"}]},{"text":"button and save it.","type":"text"}]}]}]}]},{"type":"expand","attrs":{"title":"Assuming a role (self-account)"},"content":[{"type":"paragraph","content":[{"text":"It is best practice to assume roles that are granted just the required privileges to perform an action. If the customer does not want to use their own AWS use to perform these actions required by the collector - because it has far more privileges than required - they can use this option. Note that this option requires the use of ","type":"text"},{"text":"AWS account credentials","type":"text","marks":[{"type":"strong"}]},{"text":". To avoid sharing those credentials, check the Cross Account section below.","type":"text"}]},{"type":"paragraph","content":[{"text":"Then the customer must attach the ","type":"text"},{"text":"required policies to AWS","type":"text","marks":[{"type":"strong"}]},{"text":" to the role that is going to be assumed.","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to IAM → Roles.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create role","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Trusted entity type","type":"text","marks":[{"type":"strong"}]},{"text":", select ","type":"text"},{"text":"AWS account","type":"text","marks":[{"type":"strong"}]},{"text":" and then select ","type":"text"},{"text":"This account (123456789012)","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Add the required policies.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Give a name to the role.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create role","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"You should also add authentication credentials to the configuration. Add the next fields into the configuration:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"access_key","type":"text","marks":[{"type":"code"}]},{"text":": This is the Access Key ID provided by AWS during the user creation process.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"access_secret","type":"text","marks":[{"type":"code"}]},{"text":": This is the Secret Access Key provided by AWS during the user creation process. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"base_assume_role","type":"text","marks":[{"type":"code"}]},{"text":": This is the ARN of the role that is going to be assumed by the user authenticated with the parameters above, ","type":"text"},{"text":"access_key","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"access_secret","type":"text","marks":[{"type":"code"}]},{"text":". This role has to be properly granted to allow the actions that the collector is going to perform.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"These fields need to be in the credentials and are required to use this authentication method:","type":"text"}]},{"type":"codeBlock","content":[{"text":"...,\n\"credentials\":{\n \"access_key\": \"\",\n \"access_secret\": \"\",\n \"base_assume_role\": \"arn:aws:iam:::role/\"\n}\n...,","type":"text"}]}]},{"type":"expand","attrs":{"title":"Assuming a role (cross-account)"},"content":[{"type":"paragraph","content":[{"text":"In case you don't want to share your credentials with Devo, you should add some parameters to the configuration file. In the credentials section, instead. of sharing ","type":"text"},{"text":"access_key","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"access_secret","type":"text","marks":[{"type":"code"}]},{"text":". Follow these steps to allow this authentication:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Prepare the environment to allow Devo’s cloud collector server to assume roles cross-account.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Add ARNs for each role into the configuration:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"base_assume_role","type":"text","marks":[{"type":"code"}]},{"text":": This is the ARN of the role that is going to be assumed by the profile bound to the machine/instance where the collector is running. This role already exists in Devo's AWS account and its value must be: ","type":"text"},{"text":"arn:aws:iam::837131528613:role/devo-xaccount-cs-role","type":"text","marks":[{"type":"code"}]},{"text":" *","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"target_assume_role","type":"text","marks":[{"type":"code"}]},{"text":": This is the ARN of the role in the AWS account. This role allows the collector to have access to the resources specified in this role. To keep your data secure, please, use policies that grant just the necessary permissions.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"assume_role_external_id","type":"text","marks":[{"type":"code"}]},{"text":" : This is an optional parameter to add more security to this Cross Account operation. This value should be a string added to the request to assume the customer’s role.","type":"text"}]}]}]}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"*New role","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"If you’re deploying your collector using the ","type":"text"},{"text":"Cloud collector app","type":"text","marks":[{"type":"link","attrs":{"href":"https://devodocs.atlassian.net/wiki/spaces/latest/pages/333905965"}}]},{"text":", you should use the following role instead of the one above:","type":"text"}]},{"type":"paragraph","content":[{"text":"arn:aws:iam::476382791543:role/devo-xaccount-cc","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"For more information, please ","type":"text"},{"text":"contact us","type":"text","marks":[{"type":"link","attrs":{"href":"mailto:support@devo.com"}}]},{"text":".","type":"text"}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Credentials","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"This authentication method has not shared credentials. This fields needs to be in the ","type":"text"},{"text":"credentials","type":"text","marks":[{"type":"code"}]},{"text":" and are all required, except ","type":"text"},{"text":"assume_role_external_id","type":"text","marks":[{"type":"code"}]},{"text":" which is optional:","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"...,\n\"credentials\":{\n \"base_assume_role\": \"arn:aws:iam:::role/\",\n \"target_assume_role\": \"arn:aws:iam:::role/\",\n \"assume_role_external_id\": \"\"\n}\n...,","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Service Events","type":"text"}]},{"type":"paragraph","content":[{"text":"Cloudwatch manages all the service events that have been generated on AWS. However, Devo’s AWS Collector offers two different services that collect Cloudwatch Events:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"sqs-cloudwatch-consumer","type":"text","marks":[{"type":"code"}]},{"text":": This service is used to collect Security Hub events.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"service-events-all","type":"text","marks":[{"type":"code"}]},{"text":": This service is used to collect events from the rest of the services on AWS","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Service events","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"Some previous configurations are required if you want to use any of these services. The ","type":"text"},{"text":"AWS services","type":"text","marks":[{"type":"strong"}]},{"text":" generate service events per region, so the following instructions should be applied in each region where the collecting information is required. There are some structures that you need to create for collecting these service events: ","type":"text"},{"text":"FIFO queue","type":"text","marks":[{"type":"code"}]},{"text":" in the ","type":"text"},{"text":"SWS service","type":"text","marks":[{"type":"strong"}]},{"text":" and ","type":"text"},{"text":"Rule+Target","type":"text","marks":[{"type":"code"}]},{"text":" in the ","type":"text"},{"text":"CloudWatch service","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"paragraph","content":[{"text":"If you want to create them manually, click on each one to follow the steps.","type":"text"}]},{"type":"expand","attrs":{"title":"SQS FIFO queue creation"},"content":[{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"Simple Queue Service","type":"text","marks":[{"type":"strong"}]},{"text":" and click on ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Details section","type":"text","marks":[{"type":"strong"}]},{"text":". Choose ","type":"text"},{"text":"FIFO queue type","type":"text","marks":[{"type":"em"}]},{"text":" and set the name field value you prefer. It must end with","type":"text"},{"text":" .fifo ","type":"text","marks":[{"type":"code"}]},{"text":"suffix.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Configuration section","type":"text","marks":[{"type":"strong"}]},{"text":". Set the ","type":"text"},{"text":"Message retention period","type":"text","marks":[{"type":"em"}]},{"text":" field value to 5 days. Be sure that ","type":"text"},{"text":"Content-based deduplication","type":"text","marks":[{"type":"strong"}]},{"text":" checkbox is marked.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the Access policy section. Choose method ","type":"text"},{"text":"Basic","type":"text","marks":[{"type":"em"}]},{"text":" and choose ","type":"text"},{"text":"Only the queue owner","type":"text","marks":[{"type":"em"}]},{"text":" for receiving and sending permissions.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional step. Create one tag with Key ","type":"text"},{"text":"usedby","type":"text","marks":[{"type":"em"}]},{"text":" and value ","type":"text"},{"text":"devo-collector","type":"text","marks":[{"type":"em"}]},{"text":". ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]}]},{"type":"expand","attrs":{"title":"EventBridge Rule + Target creation"},"content":[{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to EventBridge, expand Evvents in the left-menu side and click on Rules.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Defined rule detail section","type":"text","marks":[{"type":"strong"}]},{"text":", fill the required data and select the Rule type called ","type":"text"},{"text":"Rule with an event pattern","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Build event pattern section","type":"text","marks":[{"type":"strong"}]},{"text":", select ","type":"text"},{"text":"All events","type":"text","marks":[{"type":"strong"}]},{"text":".*","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Select Target section","type":"text","marks":[{"type":"strong"}]},{"text":", select ","type":"text"},{"text":"AWS target","type":"text","marks":[{"type":"strong"}]},{"text":" as a target type and fill the SQS queue information. In the","type":"text"},{"text":" Message group ID","type":"text","marks":[{"type":"strong"}]},{"text":" write","type":"text"},{"text":" devo-collector","type":"text","marks":[{"type":"em"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional step. Configure tags section.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Review and create section","type":"text","marks":[{"type":"strong"}]},{"text":", just check the different sections and once everything is correct, click on","type":"text"},{"text":" Create rule","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"( * )Note for Security Hub","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"To retrieve ","type":"text"},{"text":"Security Hub Findings","type":"text","marks":[{"type":"strong"}]},{"text":", in ","type":"text"},{"text":"Build event pattern section","type":"text","marks":[{"type":"strong"}]},{"text":", select AWS events or EventBridge partner events in Event source. Then, go to ","type":"text"},{"text":"Sample events","type":"text","marks":[{"type":"strong"}]},{"text":" - optional part and select ","type":"text"},{"text":"AWS events in Sample event type","type":"text","marks":[{"type":"strong"}]},{"text":". In ","type":"text"},{"text":"Sample events ","type":"text","marks":[{"type":"strong"}]},{"text":"select ","type":"text"},{"text":"Security Hub Findings - Custom Action","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Steps to enable Audit Events","type":"text"}]},{"type":"paragraph","content":[{"text":"No actions are required in Cloudtrail Service for retrieving this kind of information when the API approach is used (setting ","type":"text"},{"text":"types","type":"text","marks":[{"type":"strong"}]},{"text":" as ","type":"text"},{"text":"audit_apis","type":"text","marks":[{"type":"strong"}]},{"text":").","type":"text"}]},{"type":"paragraph","content":[{"text":"For the S3+SQS approach (setting types as audits_s3) some previous configuration is required. Find a complete description of how to create an S2 +SQS pipeline ","type":"text"},{"text":"here","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.devo.com/space/latest/94655615/AWS+(S3%2BSQS)+collector"}}]},{"text":".","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Steps to enable Metrics","type":"text"}]},{"type":"paragraph","content":[{"text":"No actions are required in ","type":"text"},{"text":"CloudWatch Metrics","type":"text","marks":[{"type":"strong"}]},{"text":" service for retrieving this kind of information.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Steps to enable Logs","type":"text"}]},{"type":"paragraph","content":[{"text":"Logs can be collected from different services. Depending on the type, some previous setups must be applied on AWS:","type":"text"}]},{"type":"expand","attrs":{"title":"CloudWatch Logs"},"content":[{"type":"paragraph","content":[{"text":"No actions are required in this service for retrieving this kind of information.","type":"text"}]}]},{"type":"expand","attrs":{"title":"VPC Flow Logs"},"content":[{"type":"paragraph","content":[{"text":"Before enabling the generation of these logs some structures must be created: one ","type":"text"},{"text":"bucket","type":"text","marks":[{"type":"strong"}]},{"text":" in the ","type":"text"},{"text":"S3 service","type":"text","marks":[{"type":"strong"}]},{"text":" and one ","type":"text"},{"text":"FIFO queue","type":"text","marks":[{"type":"strong"}]},{"text":" in the","type":"text"},{"text":" SQS service.","type":"text","marks":[{"type":"strong"}]}]},{"type":"paragraph","content":[{"text":"Follow the steps to create those structures manually:","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Create SQS Stadard queue ","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"Simple Queue Service","type":"text","marks":[{"type":"strong"}]},{"text":" and click on ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Details","type":"text","marks":[{"type":"strong"}]},{"text":" section. Choose the ","type":"text"},{"text":"Standard queue type","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Configuration","type":"text","marks":[{"type":"strong"}]},{"text":" section set the ","type":"text"},{"text":"Message retention period field value","type":"text","marks":[{"type":"strong"}]},{"text":" to 5 days and leave the rest of the values from the ","type":"text"},{"text":"Configuration","type":"text","marks":[{"type":"strong"}]},{"text":" section with the default ones.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Access Policy","type":"text","marks":[{"type":"strong"}]},{"text":" section choose","type":"text"},{"text":" method Advanced","type":"text","marks":[{"type":"strong"}]},{"text":" and adapt this value ","type":"text"},{"text":"Principal: {\"AWS·:·\"}","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional. In the Tag section create one tag with key “usedBy” and value “devo-collector”.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Create or configure S3 bucket","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"strong"}]},{"text":" and click on Create","type":"text"},{"text":" bucket button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in the ","type":"text"},{"text":"Bucket name field","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose any Region value. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"next button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional. Create one tag with Key. “usedBy” and value “devo-collector”. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Leave all values with the default ones and click on the ","type":"text"},{"text":"next button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create bucket button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the checkbox next to the previously created S3 Bucket.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the checkbox next to the previously created S3 bucket.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"n the popup box click on ","type":"text"},{"text":"Copy Bucket ARN","type":"text","marks":[{"type":"strong"}]},{"text":" button and save the content for being used in the next steps.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In S3 bucket list click on the previously created ","type":"text"},{"text":"bucket name","type":"text","marks":[{"type":"strong"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"Properties","type":"text","marks":[{"type":"strong"}]},{"text":" tab.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the","type":"text"},{"text":" Events box.","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"Add notification","type":"text","marks":[{"type":"strong"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in ","type":"text"},{"text":"Name","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark ","type":"text"},{"text":"All object create events","type":"text","marks":[{"type":"strong"}]},{"text":" checkbox.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In ","type":"text"},{"text":"Send to","type":"text","marks":[{"type":"strong"}]},{"text":" field select ","type":"text"},{"text":"SQS Queue","type":"text","marks":[{"type":"strong"}]},{"text":" as value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Select the previously created SQS queue in ","type":"text"},{"text":"SQS","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Create Flow Log","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"VPC service.","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Select any available VPC (or create a new one).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose","type":"text"},{"text":" Flow Logs","type":"text","marks":[{"type":"strong"}]},{"text":" tab.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on","type":"text"},{"text":" Create flow log button.","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose the preferred Filter value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose the preferred Maximum aggregation interval value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Select as Destination field value ","type":"text"},{"text":"Send to an S3 bucket","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In ","type":"text"},{"text":"S3 bucket ARN","type":"text","marks":[{"type":"strong"}]},{"text":" field value set the ARN of the previously created S3 bucket (Saved in a previous step).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Be sure that the format field has set the value AWS default format.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional. Create one tag with Key \"usedBy\" and Value \"devo-collector\"","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]}]},{"type":"expand","attrs":{"title":"Cloudfront Logs"},"content":[{"type":"paragraph","content":[{"text":"Before enabling the generation of these logs some structures must be created: one ","type":"text"},{"text":"bucket","type":"text","marks":[{"type":"strong"}]},{"text":" in the ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"em"}]},{"text":" service and one ","type":"text"},{"text":"FIFO queue","type":"text","marks":[{"type":"strong"}]},{"text":" in the ","type":"text"},{"text":"SQS","type":"text","marks":[{"type":"em"}]},{"text":" service.","type":"text"}]},{"type":"paragraph","content":[{"text":"For the manual creation of these required structures, please follow the next steps:","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Create SQS Standard queue","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"Simple Queue Service","type":"text","marks":[{"type":"strong"}]},{"text":" and click on ","type":"text"},{"text":"Create queue button.","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Details section","type":"text","marks":[{"type":"strong"}]},{"text":" choose ","type":"text"},{"text":"Standardqueue typ","type":"text","marks":[{"type":"strong"}]},{"text":" and set the Name field value you prefer.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Configuration section","type":"text","marks":[{"type":"strong"}]},{"text":" set the ","type":"text"},{"text":"Message retention period field","type":"text","marks":[{"type":"strong"}]},{"text":" value to 5 Day and leave the rest values from ","type":"text"},{"text":"Configuration section","type":"text","marks":[{"type":"strong"}]},{"text":" with the default ones.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Access policy","type":"text","marks":[{"type":"strong"}]},{"text":" section choose method ","type":"text"},{"text":"Advance","type":"text","marks":[{"type":"strong"}]},{"text":" and replace ","type":"text"},{"text":"\"Principal\": {\"AWS\":\"\"}","type":"text","marks":[{"type":"code"}]},{"text":" with ","type":"text"},{"text":"\"Principal\": \"*\" (leave rest of JSON as come)","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional. In the ","type":"text"},{"text":"Tags section","type":"text","marks":[{"type":"strong"}]},{"text":" create one tag with Key \"usedBy\" and Value \"devo-collector\"","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create queue button.","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Create or configure S3 bucket","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"strong"}]},{"text":" and click on Create","type":"text"},{"text":" bucket button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in the ","type":"text"},{"text":"Bucket name field","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose any Region value. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"next button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Optional. Create one tag with Key. “usedBy” and value “devo-collector”. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Leave all values with the default ones and click on the ","type":"text"},{"text":"next button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create bucket button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the checkbox next to the previously created S3 Bucket.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the checkbox next to the previously created S3 bucket.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"n the popup box click on ","type":"text"},{"text":"Copy Bucket ARN","type":"text","marks":[{"type":"strong"}]},{"text":" button and save the content for being used in the next steps.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In S3 bucket list click on the previously created ","type":"text"},{"text":"bucket name","type":"text","marks":[{"type":"strong"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"Properties","type":"text","marks":[{"type":"strong"}]},{"text":" tab.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the","type":"text"},{"text":" Events box.","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"Add notification","type":"text","marks":[{"type":"strong"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in ","type":"text"},{"text":"Name","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark ","type":"text"},{"text":"All object create events","type":"text","marks":[{"type":"strong"}]},{"text":" checkbox.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In ","type":"text"},{"text":"Send to","type":"text","marks":[{"type":"strong"}]},{"text":" field select ","type":"text"},{"text":"SQS Queue","type":"text","marks":[{"type":"strong"}]},{"text":" as value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Select the previously created SQS queue in ","type":"text"},{"text":"SQS","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Allow Loggin in Cloudfront","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"Cloudfront service","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on","type":"text"},{"text":" ID field","type":"text","marks":[{"type":"strong"}]},{"text":" link of the ","type":"text"},{"text":"target Distribution item","type":"text","marks":[{"type":"strong"}]},{"text":" (for accessing to Distributing Settings options).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on the ","type":"text"},{"text":"Edit button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In ","type":"text"},{"text":"Logging","type":"text","marks":[{"type":"strong"}]},{"text":" choose the value ","type":"text"},{"text":"On","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the","type":"text"},{"text":" Bucket for Logs","type":"text","marks":[{"type":"strong"}]},{"text":" field value set the ","type":"text"},{"text":"ARN","type":"text","marks":[{"type":"strong"}]},{"text":" of the previously created S3 bucket (Saved in a previous step).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Yes","type":"text","marks":[{"type":"strong"}]},{"text":" and then click on the ","type":"text"},{"text":"Edit button","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Steps to enable Cisco Umbrella logs","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"14fe39bb-f39a-4ddb-9e0f-b83837f312fa"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[231.0]},"content":[{"type":"paragraph","content":[{"text":"Action","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"paragraph","content":[{"text":"Steps","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[231.0]},"content":[{"type":"paragraph","content":[{"text":"SQS Standard queue","type":"text","marks":[{"type":"code"}]},{"text":" creation","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"Simple Queue Service","type":"text","marks":[{"type":"strong"}]},{"text":" and click ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Details","type":"text","marks":[{"type":"strong"}]},{"text":" section:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose ","type":"text"},{"text":"Standard ","type":"text","marks":[{"type":"strong"}]},{"text":"queue type.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the ","type":"text"},{"text":"Name","type":"text","marks":[{"type":"strong"}]},{"text":" field value you prefer.","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Configuration","type":"text","marks":[{"type":"strong"}]},{"text":" section:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the ","type":"text"},{"text":"Message retention period","type":"text","marks":[{"type":"strong"}]},{"text":" field value to ","type":"text"},{"text":"5 Days","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Leave the rest values from ","type":"text"},{"text":"Configuration","type":"text","marks":[{"type":"strong"}]},{"text":" section with the default ones.","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Access policy","type":"text","marks":[{"type":"strong"}]},{"text":" section:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose method ","type":"text"},{"text":"Advanced","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"\"Principal\": {\"AWS\":\"\"}","type":"text","marks":[{"type":"code"}]},{"text":" with ","type":"text"},{"text":"\"Principal\": \"*\"","type":"text","marks":[{"type":"code"}]},{"text":" (leave rest of JSON as come)","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"(Not mandatory)","type":"text","marks":[{"type":"em"}]},{"text":" ","type":"text"},{"text":"Tags","type":"text","marks":[{"type":"strong"}]},{"text":" section:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Create one tag with ","type":"text"},{"text":"Key","type":"text","marks":[{"type":"strong"}]},{"text":" “usedBy“ and ","type":"text"},{"text":"Value","type":"text","marks":[{"type":"strong"}]},{"text":" “devo-collector“","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click on ","type":"text"},{"text":"Create queue","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[231.0]},"content":[{"type":"paragraph","content":[{"text":"S3 bucket","type":"text","marks":[{"type":"code"}]},{"text":" creation/configuration","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Go to ","type":"text"},{"text":"S3","type":"text","marks":[{"type":"strong"}]},{"text":" and click on ","type":"text"},{"text":"Create bucket","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in ","type":"text"},{"text":"Bucket name","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Choose any ","type":"text"},{"text":"Region","type":"text","marks":[{"type":"strong"}]},{"text":" value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click the ","type":"text"},{"text":"Next","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"(Not mandatory)","type":"text","marks":[{"type":"em"}]},{"text":" Create one tag with ","type":"text"},{"text":"Key","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"usedBy","type":"text","marks":[{"type":"em"}]},{"text":" and ","type":"text"},{"text":"Value","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"devo-collector.","type":"text","marks":[{"type":"em"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Leave rest of fields with default values, click the ","type":"text"},{"text":"Next","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Leave all values with default ones, click the ","type":"text"},{"text":"Next","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click the ","type":"text"},{"text":"Create bucket","type":"text","marks":[{"type":"strong"}]},{"text":" button.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the checkbox next to the previously created S3 bucket.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the popup box, click the ","type":"text"},{"text":"Copy Bucket ARN","type":"text","marks":[{"type":"strong"}]},{"text":" button and save the content for being used in the next steps.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In S3 bucket list, click the previously created ","type":"text"},{"text":"bucket name","type":"text","marks":[{"type":"underline"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click the ","type":"text"},{"text":"Properties","type":"text","marks":[{"type":"strong"}]},{"text":" tab.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click the ","type":"text"},{"text":"Events","type":"text","marks":[{"type":"strong"}]},{"text":" box.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click the ","type":"text"},{"text":"+ Add notification","type":"text","marks":[{"type":"strong"}]},{"text":" link.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Set the preferred value in the ","type":"text"},{"text":"Name","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Mark the ","type":"text"},{"text":"All object create events","type":"text","marks":[{"type":"strong"}]},{"text":" checkbox.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Send to","type":"text","marks":[{"type":"strong"}]},{"text":" field, select the ","type":"text"},{"text":"SQS Queue","type":"text","marks":[{"type":"strong"}]},{"text":" as value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Select the previously created SQS queue in the ","type":"text"},{"text":"SQS","type":"text","marks":[{"type":"strong"}]},{"text":" field.","type":"text"}]}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[231.0]},"content":[{"type":"paragraph","content":[{"text":"Enable ","type":"text"},{"text":"Logging","type":"text","marks":[{"type":"code"}]},{"text":" to Your Own S3 Bucket","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[487.0]},"content":[{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Refer to vendor’s configuration steps: ","type":"text"},{"text":"Enable Logging to Your Own S3 Bucket","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.umbrella.com/deployment-umbrella/docs/setting-up-an-amazon-s3-bucket"}}]},{"text":".","type":"text"}]}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Minimum configuration required for basic pulling","type":"text"}]},{"type":"paragraph","content":[{"text":"Although this collector supports advanced configuration, the fields required to retrieve data with basic configuration are defined below.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This minimum configuration refers exclusively to those specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check setting sections for details.","type":"text"}]}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"8e99cdbc-7a37-408f-b1fc-ed3c698e331f"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"Setting","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"access_key","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"This is the account identifier for AWS. More info can be found in the section ","type":"text"},{"text":"Using a user account and local policies","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"access_secret","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"This is the secret (kind of a password) for AWS. More info can be found in the section ","type":"text"},{"text":"Using a user account and local policies","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"base_assume_role","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"This allows assuming a role with limited privileges to access AWS services. More info can be found in the sections ","type":"text"},{"text":"Assuming a role (self-account) ","type":"text","marks":[{"type":"strong"}]},{"text":"and/or","type":"text"},{"text":" Assuming a role (cross-account)","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"target_assume_role","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"This allows assuming a role on another AWS account with limited privileges to access AWS services. More info can be found in the section ","type":"text"},{"text":"Assuming a role (cross-account)","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"assume_role_external_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[617.0]},"content":[{"type":"paragraph","content":[{"text":"This is an optional field that provides additional security to the assuming role operation on cross-accounts. More info can be found in the section ","type":"text"},{"text":"Assuming a role (cross-account)","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"See the ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section to verify what settings are required based on the desired authentication method.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Accepted authentication methods","type":"text"}]},{"type":"paragraph","content":[{"text":"Depending on how did you obtain your credentials, you will have to either fill in or delete the following properties on the JSON ","type":"text"},{"text":"credentials","type":"text","marks":[{"type":"code"}]},{"text":" configuration block.","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"fd297c9e-4715-4ae4-ad90-5a0f43da47cf"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"Authentication method","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"access_key","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"access_secret","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"base_assume_role","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"target_assume_role","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"assume_role_external_id","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"Access Key / Access Secret","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"9855ccbc-82a5-417f-8438-75564994ffcd"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"9031fef1-f85f-4b91-acc5-b2e7738d6d82"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"Assume role (self-account)","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"bab0d3e2-3063-4be2-877a-c6a51ee3cf90"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"374d1f6a-9c7a-4e03-94cf-21585c7d8943"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"96eb3fe6-4439-4e69-b1e9-52288119033a"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[130.0]},"content":[{"type":"paragraph","content":[{"text":"Assume role (cross-account)","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"8a45a574-9c92-4904-bb77-bcec15505fb2"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"REQUIRED","localId":"92ede587-44d7-4a4d-8280-d387db7a2ea8"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"yellow","style":"bold","text":"OPTIONAL","localId":"8b0060c4-d613-4ccc-9d95-e06feee2fe52"}}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Run the collector","type":"text"}]},{"type":"paragraph","content":[{"text":"Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (","type":"text"},{"text":"Cloud collector","type":"text","marks":[{"type":"underline"}]},{"text":"), or deploy and host the collector in your own machine using a Docker image (","type":"text"},{"text":"On-premise collector","type":"text","marks":[{"type":"underline"}]},{"text":").","type":"text"}]},{"type":"bodiedExtension","attrs":{"layout":"full-width","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-ui-tabs-macro","parameters":{"macroParams":{},"macroMetadata":{"macroId":{"value":"6a805bc0-abf6-4d98-987c-6a9164c77642"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab-container.png"}}],"title":"Refined Tab Container"}},"localId":"03176d96-65f8-447a-addd-88b0f21b5f44"},"content":[{"type":"extension","attrs":{"layout":"full-width","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-tab","parameters":{"macroParams":{"title":{"value":"Cloud collector"}},"macroMetadata":{"macroId":{"value":"2825992cb366f7c43cdf1373692654dc"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab.png"}}],"title":"Refined Tab"}},"localId":"3fdacf0a-538d-490d-9609-ee13437cbbbe"}},{"type":"paragraph","content":[{"text":"We use a piece of software called Collector Server to host and manage all our available collectors.","type":"text"}]},{"type":"paragraph","content":[{"text":"To enable the collector for a customer:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Server","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"GUI","type":"text","marks":[{"type":"strong"}]},{"text":", access the ","type":"text"},{"text":"domain","type":"text","marks":[{"type":"strong"}]},{"text":" in which you want this instance to be created","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Add Collector","type":"text","marks":[{"type":"strong"}]},{"text":" and find the one you wish to add.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Version","type":"text","marks":[{"type":"strong"}]},{"text":" field, select the latest value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Name","type":"text","marks":[{"type":"strong"}]},{"text":" field, set the value you prefer (this name must be unique inside the same Collector Server domain).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the sending method select ","type":"text"},{"text":"Direct Send. Direct Send","type":"text","marks":[{"type":"strong"}]},{"text":" configuration is optional for collectors that create ","type":"text"},{"text":"Table","type":"text","marks":[{"type":"code"}]},{"text":" events, but mandatory for those that create ","type":"text"},{"text":"Lookups","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" section, establish the ","type":"text"},{"text":"Collector Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" as follows below:","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Editing the JSON configuration","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"global_overrides\": {\n \"debug\": false\n },\n \"inputs\": {\n \"aws\": {\n \"id\": \"\",\n \"enabled\": true,\n \"credentials\": {\n \"access_key\": \"\",\n \"access_secret\": \"\",\n \"base_assume_role\": \"\",\n \"target_assume_role\": \"\",\n \"assume_role_external_id\": \"\"\n },\n \"services\": {\n \"service-events-all\": {\n \"request_period_in_seconds\": ,\n \"cloudwatch_sqs_queue_name\": \"\",\n \"auto_event_type\": ,\n \"regions\": \n },\n \"sqs-cloudwatch-consumer\": {\n \"request_period_in_seconds\": ,\n \"cloudwatch_sqs_queue_name\": \"\",\n \"auto_event_type\": ,\n \"regions\": \n },\n \"audit-events-all\": {\n \"types\": ,\n \"request_period_in_seconds\": ,\n \"start_time\": \"\",\n \"auto_event_type\": ,\n \"drop_event_names\": ,\n \"audit_sqs_queue_name\": \"\",\n \"s3_file_type_filter\": \"\",\n \"use_region_and_account_id_from_event\": \"\",\n \"regions\": \n },\n \"metrics-all\":{\n \"regions\": \n },\n \"non-cloudwatch-logs\": {\n \"types\": ,\n \"regions\": ,\n \"start_time\": \"\",\n \"vpcflowlogs_sqs_queue_name\": \"\",\n \"cloudfrontlogs_sqs_queue_name\": \"\"\n },\n \"cisco-umbrella\": {\n \"start_time\": \"\",\n \"ciscoumbrella_sqs_queue_name\": \"\",\n \"regions\": \n },\n \"aws-guardduty\": {\n \"start_time\": \"\",\n \"regions\": [\n \"ap-southeast-1\"\n ]\n },\n \"custom_service\": {\n \"types\": \"\",\n \"log_group\": \"\",\n \"start_time\": \"\",\n \"regions\": \n }\n }\n }\n }\n}","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"All defined service entities will be executed by the collector. If you do not want to run any of them, just remove the entity from the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" object.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"Please replace the placeholders with real world values following the description table below:","type":"text"}]},{"type":"table","attrs":{"layout":"full-width","width":760.0,"localId":"0747bfa4-f703-4c70-8fd2-e6cb35513cf9"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"Data type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Value range","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"short_unique_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this input service.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This parameter is used to build the persistence address, do not use the same value for multiple collectors. It could cause a collision.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"access_key_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"access key ID","type":"text","marks":[{"type":"code"}]},{"text":" value obtained from AWS when a user is created to access programmatically. It is used when authenticating with a user account and also to assume a self-account role.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"access_secret_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"secret access key","type":"text","marks":[{"type":"code"}]},{"text":" value obtained from AWS when a user is created to access programatically. It is used when authenticating with a user account and also to assume a self-account role.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"base_assume_role_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ARN of the role to be assumed in the base account. It can be used for self- or cross-account authentication methods.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"target_assume_role_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ARN of the role to be assumed in the customer’s account. It is used for cross-account authentication method.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"assume_role_external_id_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"This is an optional string implemented by the customer to add an extra security layer. It can only be used for cross-account authentication method.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Period in seconds used between each data pulling, this value will overwrite the default value (300 seconds)","type":"text"}]},{"type":"panel","attrs":{"panelType":"note"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"auto_event_type_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"bool","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"true/false","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Used to enable the auto categorization of message tagging.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"datetime","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]},{"text":" for GuardDuty, ","type":"text"},{"text":"Optional","type":"text","marks":[{"type":"code"}]},{"text":" for the rest of services.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"1970-01-01T00:00:00.000Z","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Date time from which to start collecting data. It must match ISO-8601 format. ","type":"text"},{"text":"Note that this is mandatory for GuardDuty and optional for the rest of services","type":"text","marks":[{"type":"underline"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_types","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"\"types\" : [\n \"type1\",\n \"type2\",\n \"type3\"\n]","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Enable/Disable modules only when several modules per service are defined. For example, to get audit events from the API, this field should be set to ","type":"text"},{"text":"audits_api","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_regions","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]},{"text":", if defined in the collector’s definition.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"\"regions\": [\n \"region1\",\n \"region2\",\n \"region3\"\n]","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Property name (","type":"text"},{"text":"regions","type":"text","marks":[{"type":"code"}]},{"text":") should be aligned with the one defined in the ","type":"text"},{"text":"submodules_property","type":"text","marks":[{"type":"strong"}]},{"text":" property from the “Collector definitions”","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_drop_event_names","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"\"drop_event_names\" : [\n \"drop1\",\n \"drop2\",\n \"drop3\"\n]","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"If the value in ","type":"text"},{"text":"eventName","type":"text","marks":[{"type":"code"}]},{"text":" field matches any of the values in this field, the event will be discarded.","type":"text"}]},{"type":"paragraph","content":[{"text":"i.e. if this parameter is populated with the next values ","type":"text"},{"text":"[\"Decrypt\", \"AssumeRole\"]","type":"text","marks":[{"type":"code"}]},{"text":", and the value of ","type":"text"},{"text":"eventName","type":"text","marks":[{"type":"code"}]},{"text":" field is ","type":"text"},{"text":"Decrypt","type":"text","marks":[{"type":"code"}]},{"text":" or ","type":"text"},{"text":"AssumeRole","type":"text","marks":[{"type":"code"}]},{"text":", the event will be discarded.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_name_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the SQS queue to read from.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"s3_file_type_filter_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"RegEx to retrieve proper file type from S3, in case there are more than one file types in the same SQS queue from which the service is pulling data.","type":"text"}]},{"type":"paragraph","content":[{"text":"This parameter can be used for those services getting data from a S3+SQS pipeline.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"use_region_and_account_id_from_event_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"bool","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"true/false","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":" the ","type":"text"},{"text":"region","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"account_id","type":"text","marks":[{"type":"code"}]},{"text":" are taken from the event; else if ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", they are taken from the account used to do the data pulling.","type":"text"}]},{"type":"paragraph","content":[{"text":"Default: ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"It can be used only in those services using a S3+SQS pipeline.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"log_group_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The log group name must be set here as-is, including the different levels separated by slashes.","type":"text"},{"type":"hardBreak"},{"text":"It can be set to'/' (forward slash) as well to get all the log group names.","type":"text"}]}]}]}]},{"type":"mediaSingle","attrs":{"layout":"center","width":942,"widthType":"pixel"},"content":[{"type":"media","attrs":{"width":1246,"alt":"AWS_10.png","id":"f3890d91-8679-4744-9300-91696983f748","collection":"contentId-94655573","type":"file","height":932}}]},{"type":"extension","attrs":{"layout":"full-width","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-tab","parameters":{"macroParams":{"title":{"value":"On-premise collector"}},"macroMetadata":{"macroId":{"value":"0e08d10a084320745cfcad174c481cfb"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab.png"}}],"title":"Refined Tab"}},"localId":"f618553e-90ea-4caa-bee2-7727c5cdd380"}},{"type":"paragraph","content":[{"text":"This data collector can be run in any machine that has the Docker service available because it should be executed as a docker container. The following sections explain how to prepare all the required setup for having the data collector running.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Structure","type":"text"}]},{"type":"paragraph","content":[{"text":"The following directory structure should be created for being used when running the collector:","type":"text"}]},{"type":"codeBlock","content":[{"text":"\n└── devo-collectors/\n └── /\n ├── certs/\n │ ├── chain.crt\n │ ├── .key\n │ └── .crt\n ├── state/\n └── config/ \n └── config.yaml ","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper value.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Devo credentials","type":"text"}]},{"type":"paragraph","content":[{"text":"In Devo, go to ","type":"text"},{"text":"Administration → Credentials → X.509 Certificates","type":"text","marks":[{"type":"strong"}]},{"text":", download the ","type":"text"},{"text":"Certificate","type":"text","marks":[{"type":"strong"}]},{"text":", ","type":"text"},{"text":"Private key","type":"text","marks":[{"type":"strong"}]},{"text":" and ","type":"text"},{"text":"Chain CA","type":"text","marks":[{"type":"strong"}]},{"text":" and save them in ","type":"text"},{"text":"/certs/","type":"text","marks":[{"type":"code"}]},{"text":". Learn more about security credentials in Devo ","type":"text"},{"text":"here","type":"text","marks":[{"type":"link","attrs":{"href":"#"}}]},{"text":".","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center"},"content":[{"type":"media","attrs":{"width":950,"id":"07c30ab2-9236-4f58-bec3-7993e6f83a1a","collection":"contentId-94655573","type":"file","height":448}}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper value.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Editing the config.yaml file","type":"text"}]},{"type":"codeBlock","content":[{"text":"globals:\n debug: false\n id: \n name: \n persistence:\n type: filesystem\n config:\n directory_name: state\noutputs:\n devo_1:\n type: devo_platform\n config:\n address: \n port: 443\n type: SSL\n chain: \n cert: \n key: \ninputs:\n aws:\n id: \n enabled: true\n credentials:\n access_key: \n access_secret: \n base_assume_role: \n target_assume_role: \n assume_role_external_id: \n services:\n service-events-all:\n request_period_in_seconds: \n cloudwatch_sqs_queue_name: \n auto_event_type: \n regions: \n sqs-cloudwatch-consumer:\n request_period_in_seconds: \n cloudwatch_sqs_queue_name: \n auto_event_type: \n regions: \n audit-events-all:\n types: \n request_period_in_seconds: \n start_time: \n auto_event_type: \n drop_event_names: \n audit_sqs_queue_name: \n s3_file_type_filter: \n use_region_and_account_id_from_event: \n regions: \n metrics-all:\n regions: \n non-cloudwatch-logs:\n types: \n regions: \n start_time: \n vpcflowlogs_sqs_queue_name: \n cloudfrontlogs_sqs_queue_name: \n cisco-umbrella:\n ciscoumbrella_sqs_queue_name: \n regions: \n custom_service:\n types: \n log_groups: \n start_time: \n regions: \n aws-guardduty:\n request_period_in_seconds: \n start_time: \n regions: ","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"All defined service entities will be executed by the collector. If you do not want to run any of them, just remove the entity from the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" object.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"Replace the placeholders with your required values following the description table below:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"6ae134a2-334b-47bf-982c-08cd2b21b395"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"Data Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Value Range","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"collector_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this collector.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"collector_name","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to give a valid name to this collector.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"devo_address","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"collector-us.devo.io","type":"text","marks":[{"type":"code"}]},{"type":"hardBreak"},{"text":"collector-eu.devo.io","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to identify the Devo Cloud where the events will be sent.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"chain_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 4","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to identify the chain.cert file downloaded from your Devo domain. Usually this file's name is: ","type":"text"},{"text":"chain.crt","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"cert_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 4","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to identify the ","type":"text"},{"text":"file.cert","type":"text","marks":[{"type":"code"}]},{"text":" downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"key_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 4","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to identify the ","type":"text"},{"text":"file.key","type":"text","marks":[{"type":"code"}]},{"text":" downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"short_unique_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"},{"type":"hardBreak"},{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this input service.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This parameter is used to build the persistence address, do not use the same value for multiple collectors. It could cause a collision.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"access_key_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"access key ID","type":"text","marks":[{"type":"code"}]},{"text":" value obtained from AWS when a user is created to access programmatically. It is used when authenticating with a user account and also to assume a self-account role.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"access_secret_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"secret access key","type":"text","marks":[{"type":"code"}]},{"text":" value obtained from AWS when a user is created to access programatically. It is used when authenticating with a user account and also to assume a self-account role.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"base_assume_role_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ARN of the role to be assumed in the base account. It can be used for self- or cross-account authentication methods.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"target_assume_role_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The ARN of the role to be assumed in the customer’s account. It is used for cross-account authentication method.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"assume_role_external_id_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"See ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section above.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"This is an optional string implemented by the customer to add an extra security layer. It can only be used for cross-account authentication method.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Period in seconds used between each data pulling, this value will overwrite the default value (300 seconds)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"auto_event_type_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"bool","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"true/false","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Used to enable the auto categorization of message tagging.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"datetime","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]},{"text":" for GuardDuty, ","type":"text"},{"text":"Optional","type":"text","marks":[{"type":"code"}]},{"text":" for the rest of services.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"1970-01-01T00:00:00.000Z","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Date time from which to start collecting data. It must match ISO-8601 format. ","type":"text"},{"text":"Note that this is mandatory for GuardDuty and optional for the rest of services","type":"text","marks":[{"type":"underline"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_types","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"types:\n - type1\n - type2\n - type3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Enable/Disable modules only when several modules per service are defined. For example, to get audit events from the API, this field should be set to ","type":"text"},{"text":"audits_api","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_regions","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]},{"text":", if defined in the collector’s definition.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"regions:\n - region1\n - region2\n - region3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Property name (","type":"text"},{"text":"regions","type":"text","marks":[{"type":"code"}]},{"text":") should be aligned with the one defined in the ","type":"text"},{"text":"submodules_property","type":"text","marks":[{"type":"strong"}]},{"text":" property from the “Collector definitions”","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"list_of_drop_event_names","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"list (of strings)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"codeBlock","content":[{"text":"drop_event_names:\n - drop1\n - drop2\n - drop3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"If the value in ","type":"text"},{"text":"eventName","type":"text","marks":[{"type":"code"}]},{"text":" field matches any of the values in this field, the event will be discarded.","type":"text"}]},{"type":"paragraph","content":[{"text":"i.e. if this parameter is populated with the next values ","type":"text"},{"text":"[\"Decrypt\", \"AssumeRole\"]","type":"text","marks":[{"type":"code"}]},{"text":", and the value of ","type":"text"},{"text":"eventName","type":"text","marks":[{"type":"code"}]},{"text":" field is ","type":"text"},{"text":"Decrypt","type":"text","marks":[{"type":"code"}]},{"text":" or ","type":"text"},{"text":"AssumeRole","type":"text","marks":[{"type":"code"}]},{"text":", the event will be discarded.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_name_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"Name of the SQS queue to read from.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"s3_file_type_filter_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"RegEx to retrieve proper file type from S3, in case there are more than one file types in the same SQS queue from which the service is pulling data.","type":"text"}]},{"type":"paragraph","content":[{"text":"This parameter can be used for those services getting data from a S3+SQS pipeline.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"use_region_and_account_id_from_event_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"bool","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"true/false","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":" the ","type":"text"},{"text":"region","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"account_id","type":"text","marks":[{"type":"code"}]},{"text":" are taken from the event; else if ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", they are taken from the account used to do the data pulling.","type":"text"}]},{"type":"paragraph","content":[{"text":"Default: ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"It can be used only in those services using a S3+SQS pipeline.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[383.0]},"content":[{"type":"paragraph","content":[{"text":"log_group_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[111.0]},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[126.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[396.0]},"content":[{"type":"paragraph","content":[{"text":"The log group name must be set here as-is, including the different levels separated by slashes.","type":"text"},{"type":"hardBreak"},{"text":"It can be set to'/' (forward slash) as well to get all the log group names.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Download the Docker image","type":"text"}]},{"type":"paragraph","content":[{"text":"The collector should be deployed as a Docker container. Download the Docker image of the collector as a .tgz file by clicking the link in the following table:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"94785be3-54fc-4266-9d73-deee265f1451"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[551.0]},"content":[{"type":"paragraph","content":[{"text":"Collector Docker image","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[618.0]},"content":[{"type":"paragraph","content":[{"text":"SHA-256 hash","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[551.0]},"content":[{"type":"paragraph","content":[{"text":"collector-aws-if-docker-image-1.12.0","type":"text","marks":[{"type":"link","attrs":{"href":"https://drive.google.com/file/d/1WGRcGqZ6LSDDevIlO2BA1W1SQVg8YhiG/view?usp=sharing"}}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[618.0]},"content":[{"type":"paragraph","content":[{"text":"1adb5024e30139f01ebced2685b5a305ea9c204e20ab318d85e40eed2712633a","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"paragraph","content":[{"text":"Use the following command to add the Docker image to the system:","type":"text"}]},{"type":"codeBlock","content":[{"text":"gunzip -c -.tgz | docker load","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Once the Docker image is imported, it will show the real name of the Docker image (including version info). Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with a proper value.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"The Docker image can be deployed on the following services:","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Docker","type":"text"}]},{"type":"paragraph","content":[{"text":"Execute the following command on the root directory ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]}]},{"type":"codeBlock","content":[{"text":"docker run \n--name collector- \n--volume $PWD/certs:/devo-collector/certs \n--volume $PWD/config:/devo-collector/config \n--volume $PWD/state:/devo-collector/state \n--env CONFIG_FILE=config.yaml \n--rm \n--interactive \n--tty \n:","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper values.","type":"text"}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Docker Compose","type":"text"}]},{"type":"paragraph","content":[{"text":"The following Docker Compose file can be used to execute the Docker container. It must be created in the ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]},{"text":" directory.","type":"text"}]},{"type":"codeBlock","content":[{"text":"version: '3'\nservices:\n collector-:\n image: :${IMAGE_VERSION:-latest}\n container_name: collector-\n volumes:\n - ./certs:/devo-collector/certs\n - ./config:/devo-collector/config\n - ./credentials:/devo-collector/credentials\n - ./state:/devo-collector/state\n environment:\n - CONFIG_FILE=${CONFIG_FILE:-config.yaml}","type":"text"}]},{"type":"paragraph","content":[{"text":"To run the container using docker-compose, execute the following command from the ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]},{"text":" directory:","type":"text"}]},{"type":"codeBlock","content":[{"text":"IMAGE_VERSION= docker-compose up -d","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper values.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Collector services detail","type":"text"}]},{"type":"paragraph","content":[{"text":"This section is intended to explain how to proceed with specific actions for services.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Service events (all services)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service could be considered a general AWS event puller. It reads events from all the AWS services, which are managed by CloudWatch.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is not set or is set to false, the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudwatch.events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is set to true, the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudwatch.{event_type}","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"0fc14022-ade5-4eae-ba9b-eaa9749ea4a9"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Starting a new pulling from \"dc-aws-cloudwatch-test-1.fifo\" queue at \"2022-09-23T07:44:54.589769+00:00\"\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Received 198 response(s), received 1973 message(s), generated 1973 message(s), detected_event_types: [\"ssm\", \"s3\", \"sts\", \"backup\", \"kms\", \"tag\", \"config\", \"logs\", \"cloudtrail\"], avg_time_per_source_message: 335.170 ms\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Starting a new pulling from \"dc-aws-cloudwatch-test-1.fifo\" queue at \"2022-09-23T07:55:55.546142+00:00\"\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Received 1 response(s), received 0 message(s), generated 0 message(s), detected_event_types: [], avg_time_per_source_message: 437.862 ms\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,service-events-all,predefined,us-east-2) -> Data collection completed. Elapsed time: 0.438 seconds. Waiting for 59.562 second(s) until the next one","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (that is, no error logs found), you will see the following log message:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO ThreatQuotientDataPuller(threatquotient_collector,threatquotient_data_puller#111,events#predefined) -> Statistics for this pull cycle (@devo_pulling_id=1655983326.290848): Number of requests performed: 2; Number of events received: 52; Number of duplicated events filtered out: 0; Number of events generated and sent: 52 (from 52 unflattened events); Average of events per second: 92.99414315733.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The value ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" is injected in each event to group all events ingested by the same pull action. You can use it to get the exact events downloaded in that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in Devo’s search window.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Service events (Security Hub)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service is used to read specifically Security Hub events, which need to be processed in a different way.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"paragraph","content":[{"text":"Using this service, all the Security Hub events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.securityhub.findings","type":"text","marks":[{"type":"code"}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"54ecd2fd-5861-459e-b2f7-16d7222d7a3a"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsCloudwatchEventsPullerSetup(aws,aws#abc123,service-events-all#predefined,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,sqs-cloudwatch-consumer,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,sqs-cloudwatch-consumer,predefined,us-east-2) -> Starting a new pulling from \"cloudwatch-test.fifo\" queue at \"2022-09-23T08:11:50.440225+00:00\"\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,sqs-cloudwatch-consumer,predefined,us-east-2) -> Received 1 response(s), received 0 message(s), generated 0 message(s), detected_event_types: [], avg_time_per_source_message: 519.301 ms\nINFO InputProcess::AwsCloudwatchEventsPuller(aws,abc123,sqs-cloudwatch-consumer,predefined,us-east-2) -> Data collection completed. Elapsed time: 0.520 seconds. Waiting for 59.480 second(s) until the next one","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" value is injected into each event to allow grouping all events ingested by the same pull action. You can use it to get the exact events downloaded on that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in Loxcope.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Audit events (via API)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads ","type":"text"},{"text":"Cloudtrail","type":"text","marks":[{"type":"strong"}]},{"text":" audit events via API.","type":"text"}]},{"type":"paragraph","content":[{"text":"There are two ways to read Cloudtrail events: via API or via S3+SQS.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"API: It is slower, but can read past events.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"S3+SQS: It is much faster, but can only read events since the creation of the queue.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"This service makes use of the AWS API to get the data.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is not set or is set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudtrail.events","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudtrail.{event_type}","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"e7bc2559-8f1e-4236-8098-ae73669c9550"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudtrailApiPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsCloudtrailApiPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsCloudtrailApiPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsCloudtrailApiPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Starting a new pulling from \"['all_sources']\" source at \"2022-09-23T08:56:22.366820+00:00\"\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Using 15 minutes as \"gap until now\", start_date: \"2022-09-12T12:34:56.123456+00:00\", end_date: \"2022-09-23T08:41:22.366820+00:00\", time_slot_in_hours: \"1\"\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Total number of time slots to be processed: 261\n...\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Number of processed time slots so far: 100\n...\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Number of processed time slots so far: 200\n...\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Received 1315 response(s), messages (total/dropped/other_region/duplicated/generated): 124/6149/0/0/113, tag template used: \"cloud.aws.cloudtrail.{event_type}.123456789012.us-east-8.1.prod-1\", avg_time_per_source_message: 708.624 ms\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Elapsed time: 931.842 seconds. Last retrieval took too much time, no wait will be applied in this loop\nINFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Data collection completed. Elapsed time: 2.717 seconds. Waiting for 57.283 second(s) until the next one","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (that is, no error logs found), you will see the following log message:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudtrailApiPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Received 4 response(s), messages (total/dropped/other_region/duplicated/generated): 186/8/0/1/177, tag template used: \"cloud.aws.cloudtrail.{event_type}.123456789012.us-west-8.1.prod-1\", avg_time_per_source_message: 678.952 ms","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The value ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" is injected in each event to group all events ingested by the same pull action. You can use it to get the exact events downloaded in that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in Devo’s search window.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Audit events (via S3 + SQS)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads Cloudtrail audit events via the S3+SQS pipeline.","type":"text"}]},{"type":"paragraph","content":[{"text":"There are two ways to read Cloudtrail events: via API or via S3+SQS.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"API: It is slower, but can read past events.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"S3+SQS: It is much faster, but can only read events since the creation of the queue.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is not set or is set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudtrail.events","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudtrail.{event_type}","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"957e45b5-f6f7-4117-84bc-303d26b0e461"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#abc123,audit-events-all#predefined,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsSqsS3CloudTrailPuller(aws,abc123,audit-events-all,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO OutputProcess::OutputStandardConsumer(standard_senders_consumer_0) -> Consumed messages: 1797, total_bytes: 3830368 (60.43562 seconds)\nINFO OutputProcess::DevoSender(standard_senders,devo_sender_0) -> Consumed messages: 1797 messages (60.436958 seconds) => 29 msg/sec\nINFO OutputProcess::OutputStandardConsumer(standard_senders_consumer_0) -> Consumed messages: 1652, total_bytes: 3555837 (60.311803 seconds)\nINFO OutputProcess::DevoSender(standard_senders,devo_sender_0) -> Consumed messages: 1652 messages (60.313064 seconds) => 27 msg/sec\nINFO OutputProcess::OutputStandardConsumer(standard_senders_consumer_0) -> Consumed messages: 1949, total_bytes: 4277470 (60.187779 seconds)\nINFO OutputProcess::DevoSender(standard_senders,devo_sender_0) -> Consumed messages: 1949 messages (60.187248 seconds) => 32 msg/sec\n...","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (this is, no error logs were found), you should be able to see the following log message:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" value is injected into each event to allow grouping all events ingested by the same pull action. You can use it to get the exact events downloaded on that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in Loxcope.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Metrics (All metrics)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service could be considered a general AWS metric puller. It reads metrics from all the AWS services that generate them. Those metrics are also managed by Cloudwatch.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service makes use of the AWS API to get the data.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"paragraph","content":[{"text":"All the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudwatch.metrics","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"f2bc13f0-2297-42f5-a9f5-b460c5d364d9"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchMetricPullerSetup(aws,aws#123,ec2#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsCloudwatchMetricPullerSetup(aws,aws#123,ec2#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsCloudwatchMetricPullerSetup(aws,aws#123,ec2#predefined,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsCloudwatchMetricPullerSetup(aws,aws#123,ec2#predefined,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Starting a new pulling from \"['AWS/EC2', 'AWS/EC2Spot']\" namespaces at \"2022-09-23T14:49:36.266007+00:00\"\nINFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Time range: \"2022-09-23T14:48:00Z\" > \"2022-09-23T14:49:00Z\"\nINFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Received 3 response(s), generated 17 message(s), tag used: \"cloud.aws.cloudwatch.metrics.936082584952.us-east-2.1\", avg_time_per_source_message: 393.845 ms\nINFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Applied an offset to wait, retrieval_offset: -36.266007 seconds\nINFO InputProcess::AwsCloudwatchMetricPuller(aws,123,ec2,predefined,us-east-2) -> Data collection completed. Elapsed time: 1.182 seconds. Waiting for 22.552 second(s) until the next one","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (this is, no error logs were found), you should be able to see the following log message:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" value is injected into each event to allow grouping all events ingested by the same pull action. You can use it to get the exact events downloaded on that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in the ","type":"text"},{"text":"Data Search","type":"text","marks":[{"type":"strong"}]},{"text":" area of Devo.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"AWS-GuardDuty (Via API)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads GuardDuty events via API. This service is not scalable because of it use of GuardDuty APIs. We use this service for “low” data due to the API limitation, otherwise we should use ","type":"text"},{"text":"AWS_SQS_IF","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph","content":[{"text":"This service makes use of the AWS API to get the data only if data is low","type":"text"}]},{"type":"paragraph","content":[{"text":"The events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.guardduty.findings","type":"text","marks":[{"type":"code"}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"52c053e1-aa80-4598-8b33-ac359be74353"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"2024-052024-05-31T18:40:27.031 INFO InputProcess::AwsGuardDutyApiPullerSetup(aws,aws#121214,aws-guardduty#predefined,ap-southeast-1) -> Session cannot expire. Using user/profile authentication.\n2024-05-31T18:40:28.486 INFO InputProcess::AwsGuardDutyApiPullerSetup(aws,aws#121214,aws-guardduty#predefined,ap-southeast-1) -> Creating user session\n2024-05-31T18:40:28.487 INFO InputProcess::AwsGuardDutyApiPullerSetup(aws,aws#121214,aws-guardduty#predefined,ap-southeast-1) -> New AWS session started.\n2024-05-31T18:40:29.779 INFO InputProcess::AwsGuardDutyApiPullerSetup(aws,aws#121214,aws-guardduty#predefined,ap-southeast-1) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"2024-05-31T13:12:08.535895316Z 2024-05-31T13:12:08.535 INFO InputProcess::AwsGuardDutyApiPuller(aws,1023001,aws-guardduty,predefined,ap-southeast-1) -> Starting data collection every 60 seconds\n2024-05-31T13:12:11.648725368Z 2024-05-31T13:12:11.648 INFO OutputProcess::DevoSender(standard_senders,devo_sender_0) -> Created a sender: {\"name\": \"DevoSender(standard_senders,devo_sender_0)\", \"url\": \"collector-eu.devo.io:443\", \"chain_path\": \"/etc/devo/keys/ca.d/chain.crt\", \"cert_path\": \"/etc/devo/keys/devo.crt\", \"key_path\": \"/etc/devo/keys/devo.key\", \"transport_layer_type\": \"SSL\", \"last_usage_timestamp\": null, \"socket_status\": null}, hostname: \"collector-723d1da04d3a87c4-6d89bfcf9-6xzms\", session_id: \"139892643371760\"\n2024-05-31T13:12:22.238716958Z 2024-05-31T13:12:22.229 INFO InputProcess::AwsGuardDutyApiPuller(aws,1023001,aws-guardduty,predefined,ap-southeast-1) -> Total event received: 584, and sent: 584\n2024-05-31T13:12:22.238732449Z 2024-05-31T13:12:22.230 INFO InputProcess::AwsGuardDutyApiPuller(aws,1023001,aws-guardduty,predefined,ap-southeast-1) -> Data collection completed. Elapsed time: 13.697 seconds. Waiting for 46.303 second(s) until the next on","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (this is, no error logs were found), you should be able to see the following log message:","type":"text"}]},{"type":"codeBlock","content":[{"text":"2024-05-31T13:12:22.238716958Z 2024-05-31T13:12:22.229 INFO InputProcess::AwsGuardDutyApiPuller(aws,1023001,aws-guardduty,predefined,ap-southeast-1) -> Total event received: 584, and sent: 584\n2024-05-31T13:12:22.238732449Z 2024-05-31T13:12:22.230 INFO InputProcess::AwsGuardDutyApiPuller(aws,1023001,aws-guardduty,predefined,ap-southeast-1) -> Data collection completed. Elapsed time: 13.697 seconds. Waiting for 46.303 second(s) until the next on","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" value is injected into each event to allow grouping all events ingested by the same pull action. You can use it to get the exact events downloaded on that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in the ","type":"text"},{"text":"Data Search","type":"text","marks":[{"type":"strong"}]},{"text":" area of Devo.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Non Cloudwatch Logs","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads logs from some AWS services, but those logs are not managed by Cloudwatch. These logs are stored in an S3 bucket and read through an SQS queue, so it is using an S3+SQS pipeline.","type":"text"}]},{"type":"paragraph","content":[{"text":"The implemented services currently are:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"VPC Flow Logs","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Cloudfront Logs","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"paragraph","content":[{"text":"For VPC Flow Logs:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is not set or is set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.vpc.unknown","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.vpc.{event_type}","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"For Cloudfront Logs:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is not set or is set to ","type":"text"},{"text":"false","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudfront.unknown","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"If ","type":"text"},{"text":"auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" parameter is set to ","type":"text"},{"text":"true","type":"text","marks":[{"type":"code"}]},{"text":", the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudfront.{event_type}.","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"d2d4ccbe-4c3a-4a4a-8672-6ca5b9f349fb"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#123,non-cloudwatch-logs#predefined,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#123,non-cloudwatch-logs#predefined,us-east-2) -> Creating user session\nINFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#123,non-cloudwatch-logs#predefined,us-east-2) -> New AWS session started.","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsSqsS3GenericPullerSetup(aws,aws#123,non-cloudwatch-logs#predefined,us-east-2) -> Setup for module has been successfully executed\nINFO InputProcess::AwsSqsS3VpcFlowlogsPuller(aws,123,non-cloudwatch-logs,predefined,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsSqsS3VpcFlowlogsPuller(aws,123,non-cloudwatch-logs,predefined,us-east-2) -> Received 2 response(s), messages (fromSQS/generated): 0/0, discarded files: 0, avg_time_per_source_message: 169.711 ms\nINFO InputProcess::AwsSqsS3VpcFlowlogsPuller(aws,123,non-cloudwatch-logs,predefined,us-east-2) -> Data collection completed. Elapsed time: 0.340 seconds. Waiting for 59.660 second(s) until the next one","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (that is, no error logs found), you will see the following log message:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsSqsS3VpcFlowlogsPuller(aws,123,non-cloudwatch-logs,predefined,us-east-2) -> Received 2 response(s), messages (fromSQS/generated): 0/0, discarded files: 0, avg_time_per_source_message: 169.711 ms","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"The value ","type":"text"},{"text":"@devo_pulling_id","type":"text","marks":[{"type":"code"}]},{"text":" is injected in each event to group all events ingested by the same pull action. You can use it to get the exact events downloaded in that ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action in Devo’s search window.","type":"text"}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Custom Logs","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads logs from some AWS services and these logs are managed by ","type":"text"},{"text":"Cloudwatch","type":"text","marks":[{"type":"strong"}]},{"text":". Cloudwatch creates log groups to store the different log sources, so it is required to use a custom puller in order to read from different log groups at the same time. This service makes use of the AWS API to get the data.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"paragraph","content":[{"text":"All the events are going to be ingested into the table ","type":"text"},{"text":"cloud.aws.cloudwatch.logs","type":"text","marks":[{"type":"code"}]}]}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"paragraph","content":[{"text":"Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console.","type":"text"}]},{"type":"paragraph","content":[{"text":"This service has the following components:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"e862a537-835b-46ce-a94d-5631a732d621"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Component","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Setup","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of authenticating the service and managing the token expiration when needed.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[134.0]},"content":[{"type":"paragraph","content":[{"text":"Puller","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[596.0]},"content":[{"type":"paragraph","content":[{"text":"The setup module is in charge of pulling the data in a organized way and delivering the events via SDK.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchLogsPullerSetup(aws,aws#123,cwl_1#custom,us-east-2) -> Session cannot expire. Using user/profile authentication.\nINFO InputProcess::AwsCloudwatchLogsPullerSetup(aws,aws#123,cwl_1#custom,us-east-2) -> Creating user session\nINFO InputProcess::AwsCloudwatchLogsPullerSetup(aws,aws#123,cwl_1#custom,us-east-2) -> New AWS session started.\nINFO InputProcess::AwsCloudwatchLogsPullerSetup(aws,aws#123,cwl_1#custom,us-east-2) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Note that the ","type":"text"},{"text":"PrePull","type":"text","marks":[{"type":"code"}]},{"text":" action is executed only one time before the first run of the ","type":"text"},{"text":"Pull","type":"text","marks":[{"type":"code"}]},{"text":" action.","type":"text"}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::AwsCloudwatchLogsPuller(aws,123,cwl_1,custom,us-east-2) -> Starting data collection every 60 seconds\nINFO InputProcess::AwsCloudwatchLogsPuller(aws,123,cwl_1,custom,us-east-2) -> Starting a new pulling from \"/aws/events/devo-cloudwatch-test-1\" at \"2022-09-23T15:08:18.132865+00:00\"\nINFO InputProcess::AwsCloudwatchLogsPuller(aws,123,cwl_1,custom,us-east-2) -> Optimized first retrieval approach for high number of log streams with medium size","type":"text"}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Cisco Umbrella (via S3+SQS)","type":"text"}]},{"type":"paragraph","content":[{"text":"This service reads logs from a Cisco Umbrella managed bucket via the S3+SQS pipeline. Cisco provides a way to deposit logging data into a S3 bucket.","type":"text"}]},{"type":"expand","attrs":{"title":"Devo categorization and destination"},"content":[{"type":"paragraph","content":[{"text":"There are three types of events: dnslogs, iplogs and proxylogs. Cisco stores them in different paths depending on the event type. The collector will ingest them towards the following tables:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"dnslogs: ","type":"text"},{"text":"sig.cisco.umbrella.dns","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"iplogs: ","type":"text"},{"text":"sig.cisco.umbrella.ip","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"proxylogs: ","type":"text"},{"text":"sig.cisco.umbrella.proxy","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In case Cisco starts sending other type of events to s3, they will go to: ","type":"text"},{"text":"sig.cisco.umbrella.unknown","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector does not use any kind of persistent storage.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Collector operations","type":"text"}]},{"type":"paragraph","content":[{"text":"This section is intended to explain how to proceed with the specific operations of this collector.","type":"text"}]},{"type":"expand","attrs":{"title":"Verify collector operations"},"content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Initialization","type":"text"}]},{"type":"paragraph","content":[{"text":"The initialization module is in charge of setup and running the input (pulling logic) and output (delivering logic) services and validating the given configuration.","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the initializer module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"2022-09-23T17:08:14.833 INFO MainProcess::MainThread -> (CollectorMultiprocessingQueue) standard_queue_multiprocessing -> max_size_in_messages: 10000, max_size_in_mb: 1024, max_wrap_size_in_items: 100\n2022-09-23T17:08:15.119 INFO MainProcess::MainThread -> [OUTPUT] OutputMultiprocessingController::__init__ Configuration -> {...}\n2022-09-23T17:08:15.120 INFO MainProcess::MainThread -> OutputProcess - Starting thread (executing_period=300s)\n2022-09-23T17:08:15.122 INFO MainProcess::MainThread -> InputProcess - Starting thread (executing_period=300s)\n2022-09-23T17:08:15.122 INFO OutputProcess::MainThread -> Process started\n2022-09-23T17:08:15.124 INFO InputProcess::MainThread -> Process Started\n2022-09-23T17:08:15.128 INFO InputProcess::MainThread -> InputThread(aws,123) - Starting thread (execution_period=600s)\n2022-09-23T17:08:15.128 INFO InputProcess::MainThread -> ServiceThread(aws,123,cwl_1,custom) - Starting thread (execution_period=600s)\n2022-09-23T17:08:15.128 INFO InputProcess::MainThread -> AwsCloudwatchLogsPullerSetup(aws,aws#123,cwl_1#custom,us-east-2) -> Starting thread\n2022-09-23T17:08:15.128 INFO InputProcess::MainThread -> AwsCloudwatchLogsPuller(aws,123,cwl_1,custom,us-east-2) - Starting thread\n2022-09-23T17:08:15.128 INFO OutputProcess::MainThread -> [INTERNAL LOGIC] DevoSender::_validate_kwargs_for_method__init__ -> The

does not appear to be an IP address and cannot be verified: collector-eu.devo.io\n2022-09-23T17:08:15.132 INFO OutputProcess::MainThread -> [INTERNAL LOGIC] DevoSender::_validate_kwargs_for_method__init__ -> The

does not appear to be an IP address and cannot be verified: collector-eu.devo.io\n2022-09-23T17:08:15.135 INFO OutputProcess::MainThread -> [INTERNAL LOGIC] DevoSender::_validate_kwargs_for_method__init__ -> The

does not appear to be an IP address and cannot be verified: collector-eu.devo.io\n2022-09-23T17:08:15.136 INFO OutputProcess::MainThread -> DevoSender(standard_senders,devo_sender_0) -> Starting thread\n2022-09-23T17:08:15.136 INFO OutputProcess::MainThread -> DevoSenderManagerMonitor(standard_senders,devo_2) -> Starting thread (every 300 seconds)\n2022-09-23T17:08:15.136 INFO OutputProcess::MainThread -> DevoSenderManager(standard_senders,manager,devo_2) -> Starting thread\n2022-09-23T17:08:15.136 INFO OutputProcess::MainThread -> DevoSender(lookup_senders,devo_sender_0) -> Starting thread\n2022-09-23T17:08:15.137 INFO OutputProcess::MainThread -> DevoSenderManagerMonitor(lookup_senders,devo_2) -> Starting thread (every 300 seconds)\n2022-09-23T17:08:15.137 INFO OutputProcess::MainThread -> DevoSenderManager(lookup_senders,manager,devo_2) -> Starting thread\n2022-09-23T17:08:15.137 INFO OutputProcess::MainThread -> DevoSender(internal_senders,devo_sender_0) -> Starting thread\n2022-09-23T17:08:15.137 INFO OutputProcess::MainThread -> DevoSenderManagerMonitor(internal_senders,devo_2) -> Starting thread (every 300 seconds)\n2022-09-23T17:08:15.137 INFO OutputProcess::MainThread -> DevoSenderManager(internal_senders,manager,devo_2) -> Starting thread\n2022-09-23T17:08:15.144 INFO InputProcess::MainThread -> [GC] global: 36.4% -> 36.5%, process: RSS(36.91MiB -> 38.38MiB), VMS(345.21MiB -> 345.45MiB)\n2022-09-23T17:08:15.151 INFO OutputProcess::MainThread -> [GC] global: 36.4% -> 36.5%, process: RSS(37.10MiB -> 39.08MiB), VMS(921.24MiB -> 921.24MiB)","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Events delivery and Devo ingestion","type":"text"}]},{"type":"paragraph","content":[{"text":"The event delivery module receives the events from the internal queues where all events are injected by the pullers and delivering them using the selected compatible delivery method.","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the initializer module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO OutputProcess::SyslogSenderManagerMonitor(standard_senders,sidecar_0) -> Number of available senders: 1, sender manager internal queue size: 0\nINFO OutputProcess::SyslogSenderManagerMonitor(standard_senders,sidecar_0) -> enqueued_elapsed_times_in_seconds_stats: {}\nINFO OutputProcess::SyslogSenderManagerMonitor(standard_senders,sidecar_0) -> Sender: SyslogSender(standard_senders,syslog_sender_0), status: {\"internal_queue_size\": 0, \"is_connection_open\": True}\nINFO OutputProcess::SyslogSenderManagerMonitor(standard_senders,sidecar_0) -> Standard - Total number of messages sent: 44, messages sent since \"2022-06-28 10:39:22.511671+00:00\": 44 (elapsed 0.007 seconds)\nINFO OutputProcess::SyslogSenderManagerMonitor(internal_senders,sidecar_0) -> Number of available senders: 1, sender manager internal queue size: 0\nINFO OutputProcess::SyslogSenderManagerMonitor(internal_senders,sidecar_0) -> enqueued_elapsed_times_in_seconds_stats: {}\nINFO OutputProcess::SyslogSenderManagerMonitor(internal_senders,sidecar_0) -> Sender: SyslogSender(internal_senders,syslog_sender_0), status: {\"internal_queue_size\": 0, \"is_connection_open\": True}\nINFO OutputProcess::SyslogSenderManagerMonitor(internal_senders,sidecar_0) -> Internal - Total number of messages sent: 1, messages sent since \"2022-06-28 10:39:22.516313+00:00\": 1 (elapsed 0.019 seconds)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"By default, these information traces will be displayed every 10 minutes.","type":"text"}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Sender services","type":"text"}]},{"type":"paragraph","content":[{"text":"The Integrations Factory Collector SDK has 3 different senders services depending on the event type to delivery (","type":"text"},{"text":"internal","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"standard","type":"text","marks":[{"type":"code"}]},{"text":", and ","type":"text"},{"text":"lookup","type":"text","marks":[{"type":"code"}]},{"text":"). This collector uses the following Sender Services:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"6bd704ef-0e1e-4407-992c-002264d15132"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"Sender services","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[511.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"internal_senders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[511.0]},"content":[{"type":"paragraph","content":[{"text":"In charge of delivering internal metrics to Devo such as logging traces or metrics.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[219.0]},"content":[{"type":"paragraph","content":[{"text":"standard_senders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[511.0]},"content":[{"type":"paragraph","content":[{"text":"In charge of delivering pulled events to Devo.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Sender statistics","type":"text"}]},{"type":"paragraph","content":[{"text":"Each service displays its own performance statistics that allow checking how many events have been delivered to Devo by type:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"b4ce6589-85aa-4583-b31b-545216de40ff"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Logging trace","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Number of available senders: 1","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displays the number of concurrent senders available for the given Sender Service.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"sender manager internal queue size: 0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displays the items available in the internal sender queue.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This value helps detect bottlenecks and needs to increase the performance of data delivery to Devo. This last can be made by increasing the concurrent senders.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Total number of messages sent: 44, messages sent since \"2022-06-28 10:39:22.511671+00:00\": 21 (elapsed 0.007 seconds)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displayes the number of events from the last time and following the given example, the following conclusions can be obtained:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"44 events were sent to Devo since the collector started.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The last checkpoint timestamp was ","type":"text"},{"text":"2022-06-28 10:39:22.511671+00:00","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"21 events where sent to Devo between the last UTC checkpoint and now.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Those 21 events required ","type":"text"},{"text":"0.007 seconds","type":"text","marks":[{"type":"code"}]},{"text":" to be delivered.","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"By default these traces will be shown every 10 minutes.","type":"text"}]}]}]}]}]}]},{"type":"expand","attrs":{"title":"Check memory usage"},"content":[{"type":"paragraph","content":[{"text":"To check the memory usage of this collector, look for the following log records in the collector which are displayed every 5 minutes by default, always after running the memory-free process.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The used memory is displayed by running processes and the sum of both values will give the total used memory for the collector.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The global pressure of the available memory is displayed in the ","type":"text"},{"text":"global","type":"text","marks":[{"type":"code"}]},{"text":" value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"All metrics (Global, RSS, VMS) include the value before freeing and after ","type":"text"},{"text":"previous -> after freeing memory","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::MainThread -> [GC] global: 20.4% -> 20.4%, process: RSS(34.50MiB -> 34.08MiB), VMS(410.52MiB -> 410.02MiB)\nINFO OutputProcess::MainThread -> [GC] global: 20.4% -> 20.4%, process: RSS(28.41MiB -> 28.41MiB), VMS(705.28MiB -> 705.28MiB)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Differences between ","type":"text"},{"text":"RSS","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"VMS","type":"text","marks":[{"type":"code"}]},{"text":" memory usage:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"RSS","type":"text","marks":[{"type":"code"}]},{"text":" is the Resident Set Size, which is the actual physical memory the process is using","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"VMS","type":"text","marks":[{"type":"code"}]},{"text":" is the Virtual Memory Size which is the virtual memory that process is using","type":"text"}]}]}]}]}]},{"type":"expand","attrs":{"title":"Enable/disable the logging debug mode"},"content":[{"type":"paragraph","content":[{"text":"Sometimes it is necessary to activate the debug mode of the collector's logging. This debug mode increases the verbosity of the log and allows you to print execution traces that are very helpful in resolving incidents or detecting bottlenecks in heavy download processes.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To enable this option you just need to edit the configuration file and change the debug_status parameter from false to true and restart the collector.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"To disable this option, you just need to update the configuration file and change the debug_status parameter from true to false and restart the collector.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"For more information, visit the configuration and parameterization section corresponding to the chosen deployment mode.","type":"text"}]}]},{"type":"expand","attrs":{"title":"Troubleshooting"},"content":[{"type":"paragraph","content":[{"text":"This collector has different security layers that detect both an invalid configuration and abnormal operation. This table will help you detect and resolve the most common errors.","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"031bf102-0fd7-41a8-97c5-6792491864aa"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","content":[{"text":"Error ID","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not a dictionary type data structure.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties_key_path}.tag_base\" property must have {event_type}, {account_id}, {region_id} and {format_version} placeholders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" does not literally contain all those placeholders, and they are required.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property is containing some unexpected placeholders, the allowed ones are: [\"event_type\", \"account_id\", \"region_id\", \"format_version\", \"environment\", \"service_name\"]","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" has an unauthorized placeholder or is not correctly built.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_default\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_default","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_default\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_default","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"26","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_source_field_name\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_source_field_name","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"27","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_source_field_name\" property must be a boolean","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_source_field_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type boolean.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"26","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_extracting_regex\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_extracting_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"27","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_extracting_regex\" property must be a boolean","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_extracting_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not of type boolean.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_extracting_regex\" property is not a valid regular expression","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_extracting_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not a valid Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"9","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type_config_key\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type_config_key","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type_config_key\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type_config_key","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"31","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping\" property should be a dictionary.","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_processor_mapping","type":"text","marks":[{"type":"code"}]},{"text":" is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"32","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping\" exists but it is empty.","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_processor_mapping","type":"text","marks":[{"type":"code"}]},{"text":" cannot be empty, and it is.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"33","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping.{processor_name}.processor_class\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"processor_class","type":"text","marks":[{"type":"code"}]},{"text":" does not exist or is empty.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"34","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping.{processor_name}.processor_class\" should be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"processor_class","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"35","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping.{processor_name}.tagging\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tagging","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"36","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_processor_mapping.{processor_name}.tagging\" should be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tagging","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_custom_name_key\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_custom_name_key","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"11","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_custom_name_key\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_custom_name_key","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"12","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_required_default_name\" property must be a boolean","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_required_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type boolean.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"13","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"14","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"15","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" property must have {input_id} placeholder","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" does not have the required ","type":"text"},{"text":"{input_id}","type":"text","marks":[{"type":"code"}]},{"text":" placeholder.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.tag\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not present in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Add the indicated parameter to the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{enable_auto_event_type_config_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Common for all the services using the S3+SQS pipeline","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"3f882ceb-13fa-46fe-82ce-ea7a419a3e7d"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Error ID","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not a dictionary type data structure.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_path}.start_time_regex\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not present at collector definition file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"11","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_path}.start_time_regex\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is of a type other than string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"12","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_path}.start_time_regex\" property is not a valid regular expression","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not a valid Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"21","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{sqs_s3_processor_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not present in collector definition file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"22","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{sqs_s3_processor_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"26","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{sqs_s3_processor_properties_key_path}.class_name\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"class_name","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the collector definition file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"27","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{sqs_s3_processor_properties_key_path}.class_name\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"class_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support tea","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_custom_name_key\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_custom_name_key","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"11","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_custom_name_key\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_custom_name_key","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"12","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_required_default_name\" property must be a boolean","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_required_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type boolean.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"13","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"14","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"15","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sqs_queue_default_name\" property must have {input_id} placeholder","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sqs_queue_default_name","type":"text","marks":[{"type":"code"}]},{"text":" does not have the required ","type":"text"},{"text":"{input_id}","type":"text","marks":[{"type":"code"}]},{"text":" placeholder.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.tag\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not present in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Add the indicated parameter to the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{sqs_queue_custom_name_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{enable_auto_event_type_config_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated in the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make the indicated parameter be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.start_time\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"The property \"{service_config_key_path}.start_time\" from configuration is having a wrong format, expected pattern: \"{start_time_regex}\"","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter does not match the Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to march the Regular Expression.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsQueueException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"0","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Queue \"{sqs_queue_name}\" used by service \"{service_name}\" in \"{submodule_config}\" region is not available: reason: {reason}","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The queue indicated in the error message is not available.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Check the next things:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Name of the queue.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The queue exists in the indicated region.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Read carefully the reason the error message is returning.","type":"text"}]}]}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Audit (via API)","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"28950415-9dc9-4341-bcb9-aa0790b10650"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Error ID","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not a dictionary type data structure.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties_key_path}.tag_base\" property must have {event_type}, {account_id}, {region_id} and {format_version} placeholders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" does not literally contain all those placeholders, and they are required.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property is containing some unexpected placeholders, the allowed ones are: [\"event_type\", \"account_id\", \"region_id\", \"format_version\", \"environment\", \"service_name\"]","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" has an unauthorized placeholder or is not correctly built.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_default\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_default","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.event_type_default\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"event_type_default","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"9","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"11","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type_config_key\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type_config_key","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"12","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.enable_auto_event_type_config_key\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"enable_auto_event_type_config_key","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"13","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the collector definition file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"14","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"15","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" property is not a valid regular expression","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is using a invalid Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"16","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.gap_until_now_in_minutes\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"gap_until_now_in_minutes","type":"text","marks":[{"type":"code"}]},{"text":" is empty or not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"17","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.gap_until_now_in_minutes\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"gap_until_now_in_minutes","type":"text","marks":[{"type":"code"}]},{"text":" is not of type integer.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"18","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.gap_until_now_in_minutes\" property can not be a negative value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"gap_until_now_in_minutes","type":"text","marks":[{"type":"code"}]},{"text":" is having a negative value, which is not allowed.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"19","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.time_slot_in_hours\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"time_slot_in_hours","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.time_slot_in_hours\" property must be an integer","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"time_slot_in_hours","type":"text","marks":[{"type":"code"}]},{"text":" is not of type integer.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"21","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.time_slot_in_hours\" property can not be 0 or a negative value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"time_slot_in_hours","type":"text","marks":[{"type":"code"}]},{"text":" is zero or has a negative value, which is not allowed.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"22","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sources\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sources","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"23","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.sources\" property exists but with wrong format, only \"str\" or \"list\" values are allowed","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sources","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string or list.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.tag\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.sources\" property exists but with wrong format, only \"str\" or \"list\" values are allowed","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"sources","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string or list.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"sources","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string or a list.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.gap_until_now_in_minutes\" property must be an integer","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"gap_until_now_in_minutes","type":"text","marks":[{"type":"code"}]},{"text":" is not of type integer.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"gap_until_now_in_minutes","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be an integer.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.start_time\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"The property \"{service_config_key_path}.start_time\" from configuration is having a wrong format, expected pattern: \"{start_time_regex}\"","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is using an invalid Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to match the Regular Expression indicated in the error message.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.drop_event_names\" property must be a list","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"drop_event_names","type":"text","marks":[{"type":"code"}]},{"text":" is not of type list.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"drop_event_names","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a list.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"9","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.{enable_auto_event_type_config_key}\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The parameter indicated by the error message is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the parameter indicated by the error message to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"10","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.time_slot_in_hours\" property must be integer","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"time_slot_in_hours","type":"text","marks":[{"type":"code"}]},{"text":" is not of type integer.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"time_slot_in_hours","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be an integer.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Custom Logs","type":"text"}]},{"type":"paragraph"},{"type":"table","attrs":{"layout":"default","localId":"34002aff-b8b1-407e-a2a3-53d840616840"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Error ID","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"0","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory property \"requests_per_second\" is missing (located at: aws.request_per_second)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"requests_per_second","type":"text","marks":[{"type":"code"}]},{"text":" is not present at configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Add ","type":"text"},{"text":"requests_per_second","type":"text","marks":[{"type":"code"}]},{"text":" to the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not a dictionary type data structure.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties_key_path}.tag_base\" property must have {event_type}, {account_id}, {region_id} and {format_version} placeholders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" does not literally contain all those placeholders, and they are required.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property is containing some unexpected placeholders, the allowed ones are: [\"event_type\", \"account_id\", \"region_id\", \"format_version\", \"environment\", \"service_name\"]","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" has an unauthorized placeholder or is not correctly built.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"7","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not present or is empty in the collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsModuleDefinitionError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"9","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.start_time_regex\" property is not a valid regular expression","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time_regex","type":"text","marks":[{"type":"code"}]},{"text":" is not a valid Regular Expression.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"3","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.tag\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"43","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.use_first_optimized_retrieval\" property must be a boolean","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"use_first_optimized_retrieval","type":"text","marks":[{"type":"code"}]},{"text":" is not of type boolean.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"use_first_optimized_retrieval","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a boolean.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.log_group\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"log_group","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Add the ","type":"text"},{"text":"log_group","type":"text","marks":[{"type":"code"}]},{"text":" parameter to the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.log_group\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"log_group","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"log_group","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.start_time\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"The property \"{service_config_key_path}.start_time\" from configuration is having a wrong format, expected pattern: \"{start_time_regex}\"","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is not matching the pattern indicated in the error message.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Make ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" match the pattern indicated in the error message.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Metrics","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"698f3661-e2ea-4788-a1e1-aa11e2d98b2a"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Error ID","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"module_properties","type":"text","marks":[{"type":"code"}]},{"text":" is not a dictionary type data structure.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not present in collector definitions file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"6","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.tag_base\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag_base","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.metric_namespace\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"metric_namespace","type":"text","marks":[{"type":"code"}]},{"text":" is empty or is not present in collector definitions.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceDefinitionException","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{module_properties_key_path}.metric_namespace\" property must be a list","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"metric_namespace","type":"text","marks":[{"type":"code"}]},{"text":" is not of type list.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"This is an internal issue. Please, contact with Devo Support team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsInputConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{input_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"inputs","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" mandatory property is missing or empty","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is missing or empty in the configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}\" property must be a dictionary","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" data structure is not of type dictionary.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Go to the “Running the collector on…“ section in the documentation and check the data structure required for the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"8","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"{service_config_key_path}.tag\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"tag","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"0","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory property \"metric_namespaces\" is missing","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"metric_namespaces","type":"text","marks":[{"type":"code"}]},{"text":" is not present in configuration file.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Add ","type":"text"},{"text":"metric_namespaces","type":"text","marks":[{"type":"code"}]},{"text":" to the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"0","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"Mandatory property \"metric_namespaces\" property must be a list","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"metric_namespaces","type":"text","marks":[{"type":"code"}]},{"text":" is not of type list.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"metric_namespaces","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a list.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"When a service uses \"metrics\" type, the property \"request_period_in_seconds\" must have one of the following values: 1, 5, 10, 30, 60, or any multiple of 60","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds","type":"text","marks":[{"type":"code"}]},{"text":" is using a value that is not allowed.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"request_period_in_seconds","type":"text","marks":[{"type":"code"}]},{"text":" parameter to match one of this values: 1, 5, 10, 30, 60, or any multiple of 60.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"\"start_time\" property must be a string","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is not of type string.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" parameter to be a string.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[93.0]},"content":[{"type":"paragraph","content":[{"text":"AwsServiceConfigurationError","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[78.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"4","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[153.0]},"content":[{"type":"paragraph","content":[{"text":"The property \"start_time\" from configuration is having a wrong format, expected: YYYY-mm-ddTHH:MM:SSZ","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[292.0]},"content":[{"type":"paragraph","content":[{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" is using an incorrect format.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[114.0]},"content":[{"type":"paragraph","content":[{"text":"Change the ","type":"text"},{"text":"start_time","type":"text","marks":[{"type":"code"}]},{"text":" to match the format indicated in the error message.","type":"text"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Change log","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"dd2c5439-4de9-446d-9827-8d81fdf4b74c"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","content":[{"text":"Release","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"text":"Released on","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"text":"Release type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","content":[{"text":"Recommendations","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","content":[{"text":"v1.12.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1740700800000"}},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"9ff09028-ce5a-46ed-a731-7ccb1243876c"}},{"type":"hardBreak"},{"type":"status","attrs":{"color":"red","style":"bold","text":"BUG fix","localId":"7145e74b-4933-4c84-8924-de975aa18e38"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Improvements","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updated DCSDK base docker image 1.4.0.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updated DCSDK from 1.13.1 to 1.14.0:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added new sender for relay in house + TLS","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added persistence functionality for gzip sending buffer","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed error related a ValueError exception not well controlled","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed error related with loss of some values in internal messages","type":"text"}]}]}]}]}]},{"type":"paragraph","content":[{"text":"Bug Fix:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed the bug related to delay in ingestion","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","content":[{"text":"Recommended version","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.11.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1736121600000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"hardBreak"},{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"346f134c-3f0b-48b3-a559-1ab91d8cafc5"}},{"type":"hardBreak"},{"type":"status","attrs":{"color":"red","style":"bold","text":"BUG FIX","localId":"f6635bbe-3ba5-419d-94f0-5dee583339cd"}},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Improvements","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updated DCSDK base docker image 1.3.1.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added Unit tests and added user_guide","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded ","type":"text"},{"text":"Boto3","type":"text","marks":[{"type":"code"}]},{"text":" libraries from ","type":"text"},{"text":"1.34.97","type":"text","marks":[{"type":"code"}]},{"text":" to ","type":"text"},{"text":"1.35.92","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updated DCSDK from 1.11.1 to 1.13.1:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added new sender for relay in house + TLS","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added persistence functionality for gzip sending buffer","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added Automatic activation of gzip sending","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improved behaviour when persistence fails","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DevoSDK dependency","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed console log encoding","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Restructured python classes","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improved behaviour with non-utf8 characters","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Decreased default size value for internal queues (Redis limitation, from 1GiB to 256MiB)","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"New persistence format/structure (compression in some cases)","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Removed dmesg execution (It was invalid for docker execution)","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Applied changes to make DCSDK compatible with MacOS","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgrade DevoSDK dependency to version v5.4.0","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Change internal queue management for protecting against OOMK","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Extracted ModuleThread structure from PullerAbstract","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improve Controlled stop when both processes fails to instantiate","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improve Controlled stop when InputProcess is killed","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Bug related to lost of collector_name , collector_id and job_id","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Bug related queues and ValueError (edited)","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Change internal queue management for protecting against OOMK","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Extracted ModuleThread structure from PullerAbstract","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improve Controlled stop when both processes fails to instantiate","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Improve Controlled stop when InputProcess is killed","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed error related a ValueError exception not well controlled","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed error related with loss of some values in internal mes ","type":"text"}]}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Bug Fix:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Changes in code to handle the guard-duty missing logs issue","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"sages","type":"text"},{"type":"hardBreak"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.10.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1717113600000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"purple","style":"bold","text":"NEW FEATURE","localId":"f0d62c65-0eb0-445e-8276-171a84e290f2"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Improvements:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Implemented GuardDuty service, added puller set-up and puller for it","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.8.2","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1709251200000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"0802f87e-fd7a-4aaa-8393-288a3878f5af"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Improvements:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DCSDK Docker base image updated to ","type":"text"},{"text":"1.2.0","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.8.1","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1709078400000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"red","style":"bold","text":"BUG FIX","localId":"1a75711f-ec5b-4f86-814a-3df01af92bbb"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Bug Fixes:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fix a bug when dealing with events that have no lastEventTimestamp present in the log_stream","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.8.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1701907200000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"e4f2cf88-dff1-406f-ae75-e4326fa3d799"}},{"type":"hardBreak"},{"type":"status","attrs":{"color":"purple","style":"bold","text":"NEW FEATURE","localId":"2f5e6de9-0caf-4afd-99d6-ac22705ec770"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"New Feature","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updated method to call all the log group name if log_group parameter is this '/' in the config","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Improvements","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DCSDK from 1.9.2 to 1.10.2","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Ensure special characters are properly sent to the platform","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Changed log level to some messages from info to debug","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Changed some wrong log messages","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded some internal dependencies","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Changed queue passed to setup instance constructor","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Ability to validate collector setup and exit without pulling any data","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Ability to store in the persistence the messages that couldn't be sent after the collector stopped","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Ability to send messages from the persistence when the collector starts and before the puller begins working","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Ensure special characters are properly sent to the platform","type":"text"}]}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.7.1","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1698192000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"red","style":"bold","text":"bug fixes","localId":"1d5845d2-52aa-4b2b-a950-7d69f5af7f37"}},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed the way the collector handles milliseconds as the ","type":"text"},{"text":"strptime","type":"text","marks":[{"type":"code"}]},{"text":" function has been updated since 2021","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed the missing parameter in a method call","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Recommended version","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.6.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1695168000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"purple","style":"bold","text":"NEW FEATURE","localId":"d1b7fa00-5039-432b-bdbe-b1a12c0fac06"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"New features:","type":"text","marks":[{"type":"strong"}]}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added Cisco Umbrella new data source using SQS+S3","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added ","type":"text"},{"text":"is_aws_service","type":"text","marks":[{"type":"code"}]},{"text":" optional parameter in ","type":"text"},{"text":"collector_definitions.yaml","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added ","type":"text"},{"text":"event_type_file_regex_patterns","type":"text","marks":[{"type":"code"}]},{"text":" optional parameter to set a dict as: ","type":"text"},{"text":"event_type -> regex_for_s3_file_key","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.5.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1691712000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"58e885f4-77ae-42c4-be5e-40d24520e7b2"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Improvements","type":"text","marks":[{"type":"strong"}]}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded [","type":"text"},{"text":"boto","type":"text","marks":[{"type":"code"}]},{"text":"] libraries from 1.21.36 to 1.28.24","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DCSDK from 1.3.0 to 1.9.1","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.4.1","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1660176000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"red","style":"bold","text":"BUG FIX","localId":"66881540-094b-4a3e-9b40-8fe583821fcc"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"Bug Fixes:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed a bug that prevented the use of the Assumed Role authentication method.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed a bug that prevented session renewal when using any of the Assume Authentication methods:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Assume Role","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Cross Account","type":"text"}]}]}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[107.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"v1.4.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[143.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1642809600000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[133.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"purple","style":"bold","text":"NEW FEATURE","localId":"32b5ae49-f587-4e8f-a18e-25760e589c3c"}},{"text":" ","type":"text"},{"type":"hardBreak"},{"type":"status","attrs":{"color":"green","style":"bold","text":"IMPROVEMENT","localId":"9c5b7034-3fd1-481f-ad37-dc25b59f51e0"}},{"type":"hardBreak"},{"type":"status","attrs":{"color":"red","style":"bold","text":"BUG FIX","localId":"693f11e7-d873-4ead-ab78-58641363fe01"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[201.0]},"content":[{"type":"paragraph","content":[{"text":"New features:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"CrossAccount","type":"text","marks":[{"type":"code"}]},{"text":" authentication method is now available improving the way in which the credentials are shared when the collector is running in the Collector Service.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Improvements:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The ","type":"text"},{"text":"audit-events-all","type":"text","marks":[{"type":"code"}]},{"text":" service (type ","type":"text"},{"text":"audits_api","type":"text","marks":[{"type":"code"}]},{"text":") has been enhanced to allow requesting events older than 500 days.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Bug Fixes:","type":"text","marks":[{"type":"strong"}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed a bug that raised a ","type":"text"},{"text":"KeyError","type":"text","marks":[{"type":"code"}]},{"text":" when the optional param ","type":"text"},{"text":"event_type_processor_mapping","type":"text","marks":[{"type":"code"}]},{"text":" was not defined running ","type":"text"},{"text":"service-events-all","type":"text","marks":[{"type":"code"}]},{"text":" service.","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[173.0]},"content":[{"type":"paragraph","marks":[{"type":"alignment","attrs":{"align":"center"}}],"content":[{"text":"Upgrade","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"paragraph"}],"version":1}

Browser not supported