Document toolboxDocument toolbox

cloud.aws.configlogs

Owned by Juan Tomás Alonso Nieto (Deactivated), created
Last updated: May 22, 2023
1 min read
[ 1 Introduction ] [ 2 Valid tags and data tables  ] [ 3 Table structure ]

Introduction

The tags beginning with cloud.aws.configlogs identify events generated by AWS Config.

Valid tags and data tables 

The full tag must have 4 levels. The first 3 are fixed as cloud.aws.configlogs. The fourth level indicates the event subtype.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

AWS Config

cloud.aws.configlogs.events

cloud.aws.configlogs.events

For more information, read more About Devo tags.

Table structure

These are the fields displayed in this table:

Field

Type

Field transformation

Source field name

Extra fields

Field

Type

Field transformation

Source field name

Extra fields

eventdate

timestamp

 

 

 

fileVersion

str

 

 

 

configurationItems_str

str

stringify(json(configurationItems))

configurationItems

 

configurationItemDiff_changedProperties_Relationships0_previousValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_previousValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_previousValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_updatedValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_updatedValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_updatedValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships0_changeType

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_previousValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_previousValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_previousValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_updatedValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_updatedValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_updatedValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships1_changeType

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_previousValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_previousValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_previousValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_updatedValue_resourceId

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_updatedValue_resourceType

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_updatedValue_name

str

 

 

 

configurationItemDiff_changedProperties_Relationships2_changeType

str

 

 

 

configurationItemDiff_changeType

str

 

 

 

configurationItem_relatedEvents

str

 

 

 

configurationItem_relationships_resourceId_str

str

replace(replace(stringify(json(configurationItem_relationships_resourceId)), "[", ""), "]", "")

configurationItem_relationships_resourceId

 

configurationItem_relationships_resourceName_str

str

replace(replace(stringify(json(configurationItem_relationships_resourceName)), "[", ""), "]", "")

configurationItem_relationships_resourceName

 

configurationItem_relationships_resourceType_str

str

configurationItem_relationships_resourceType

 

configurationItem_relationships_name_str

str

configurationItem_relationships_name

 

configurationItem_configuration_description

str

 

 

 

configurationItem_configuration_groupName

str

 

 

 

configurationItem_configuration_ipPermissions_ipProtocol_str

str

configurationItem_configuration_ipPermissions_ipProtocol

 

configurationItem_configuration_ipPermissions_ipv6Ranges_str

str

configurationItem_configuration_ipPermissions_ipv6Ranges

 

configurationItem_configuration_ipPermissions_prefixListIds_str

str

configurationItem_configuration_ipPermissions_prefixListIds

 

configurationItem_configuration_ipPermissions_userIdGroupPairs_str

str

configurationItem_configuration_ipPermissions_userIdGroupPairs

 

configurationItem_configuration_ipPermissions_ipv4Ranges_str

str

configurationItem_configuration_ipPermissions_ipv4Ranges

 

configurationItem_configuration_ipPermissions_ipRanges_str

str

configurationItem_configuration_ipPermissions_ipRanges

 

configurationItem_configuration_ownerId

str

 

 

 

configurationItem_configuration_groupId

str

 

 

 

configurationItem_configuration_ipPermissionsEgress_ipProtocol_str

str

configurationItem_configuration_ipPermissionsEgress_ipProtocol

 

configurationItem_configuration_ipPermissionsEgress_ipv6Ranges_str

str

configurationItem_configuration_ipPermissionsEgress_ipv6Ranges

 

configurationItem_configuration_ipPermissionsEgress_prefixListIds_str

str

configurationItem_configuration_ipPermissionsEgress_prefixListIds

 

configurationItem_configuration_ipPermissionsEgress_userIdGroupPairs_str

str

configurationItem_configuration_ipPermissionsEgress_userIdGroupPairs

 

configurationItem_configuration_ipPermissionsEgress_ipv4Ranges_str

str

configurationItem_configuration_ipPermissionsEgress_ipv4Ranges

 

configurationItem_configuration_ipPermissionsEgress_ipRanges_str

str

configurationItem_configuration_ipPermissionsEgress_ipRanges

 

configurationItem_configuration_tags

str

 

 

 

configurationItem_configuration_vpcId

str

 

 

 

configurationItem_supplementaryConfiguration

str

 

 

 

configurationItem_supplementaryConfiguration__EnableTerminationProtection

bool

 

 

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_updateReplacePolicy_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_updateReplacePolicy

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_deletionPolicy_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_deletionPolicy

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_logicalResourceId_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_logicalResourceId

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_physicalResourceId_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_physicalResourceId

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_resourceType_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_resourceType

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_lastUpdatedTimestamp_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_lastUpdatedTimestamp

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_resourceStatus_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_resourceStatus

 

configurationItem_supplementaryConfiguration_StackResourceSummaries_driftInformation_stackResourceDriftStatus_str

str

configurationItem_supplementaryConfiguration_StackResourceSummaries_driftInformation_stackResourceDriftStatus

 

supplementaryConfiguration_unsupportedResources

str

 

 

 

configurationItem_tags

str

 

 

 

configurationItem_configurationItemVersion

str

 

 

 

configurationItem_configurationItemCaptureTime

timestamp

 

 

 

configurationItem_configurationStateId

int8

 

 

 

configurationItem_awsAccountId

str

 

 

 

configurationItem_configurationItemStatus

str

 

 

 

configurationItem_resourceType

str

 

 

 

configurationItem_resourceId

str

 

 

 

configurationItem_resourceName

str

 

 

 

configurationItem_ARN

str

 

 

 

configurationItem_awsRegion

str

 

 

 

configurationItem_availabilityZone

str

 

 

 

configurationItem_configurationStateMd5Hash

str

 

 

 

configurationItem_resourceCreationTime

timestamp

 

 

 

configurationItem_fileVersion

str

 

 

 

configurationItem_configSnapshotId

str

 

 

 

configurationItem_eventTimestamp

timestamp

 

 

 

configurationItem_configuration_stackId

str

 

 

 

configurationItem_configuration_stackName

str

 

 

 

configurationItem_configuration_creationTime

str

configurationItem_configuration_creationTime_tmp

 

configurationItem_configuration_lastUpdatedTime

str

 

 

 

configurationItem_configuration_stackStatus

str

 

 

 

configurationItem_configuration_disableRollback

bool

 

 

 

configurationItem_configuration_notificationARNs_str

str

configurationItem_configuration_notificationARNs

 

configurationItem_configuration_capabilities_str

str

configurationItem_configuration_capabilities

 

configurationItem_configuration_outputs_str

str

configurationItem_configuration_outputs

 

configurationItem_configuration_driftInformation_stackDriftStatus

str

 

 

 

notificationCreationTime

timestamp

 

 

 

messageType

str

 

 

 

recordVersion

str

 

 

 

`timestamp`

timestamp

 

configurationItem_configurationItemCaptureTime

 

ACCID

str

 

 

 

REGION

str

 

 

 

hostchain

str

 

 

✓

tag

str

 

 

✓

rawMessage

str

 

 

✓