Mappings: AWS API Gateway
Input | Value |
---|---|
Vendor | AWS |
Product | API Gateway |
Log Format | JSON |
Event ID Regex Pattern | _default_ |
Output | Value |
---|---|
Vendor | Amazon AWS |
Product | API Gateway |
Record Type | NetworkHTTP |
Cloud SIEM Schema Field | Original Record Key | Notes |
---|---|---|
accountId | message.accountId | |
cloud_provider | None | The static text AWS is populated in this schema field. |
cloud_service | None | The static text API Gateway is populated in this schema field. |
http_method | message.httpMethod | |
http_response_contentLength | message.responseLength | |
http_response_statusCode | message.status | |
http_userAgent | message.userAgent | |
srcDevice_ip | message_ip | |
tcpProtocol | message.protocol | |
timestamp | message.requestTime | We expect the orginal record value of message.requestTime is in the format dd/MMM/yyyy:HH:mm:ss Z |
user_authDomain | message.domain |