You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the enhancement:
Amazon Security Lake can store security telemetry from both AWS services and 3rd parties such as CrowdStrike, Zscaler and many more. Data is stored in Apache Parquet files. We have an existing integration to ingest this data from Security Lake and map it to ECS to ensure it can be leveraged within Elastic Security.
Our current integration relies upon Elastic Agent, but we see a strong demand amongst AWS customers to leverage Serverless Forwarder instead.
Can we add support to Servless Forwarder to read/decode Parquet files, to enable Amazon Security Lake customers to ingest data without the need for Elastic Agent?
Describe the enhancement:
Amazon Security Lake can store security telemetry from both AWS services and 3rd parties such as CrowdStrike, Zscaler and many more. Data is stored in Apache Parquet files. We have an existing integration to ingest this data from Security Lake and map it to ECS to ensure it can be leveraged within Elastic Security.
Our current integration relies upon Elastic Agent, but we see a strong demand amongst AWS customers to leverage Serverless Forwarder instead.
Can we add support to Servless Forwarder to read/decode Parquet files, to enable Amazon Security Lake customers to ingest data without the need for Elastic Agent?
PR's to highlight what was done on the Beats S3 input to add Parquet file support: elastic/beats#35183 and elastic/beats#35578
The text was updated successfully, but these errors were encountered: