AWS fields
editAWS fields
editModule for handling logs from AWS.
aws
editFields from AWS logs.
s3access
editFields for AWS S3 server access logs.
-
aws.s3access.bucket_owner
-
The canonical user ID of the owner of the source bucket.
type: keyword
-
aws.s3access.bucket
-
The name of the bucket that the request was processed against.
type: keyword
-
aws.s3access.remote_ip
-
The apparent internet address of the requester.
type: ip
-
aws.s3access.requester
-
The canonical user ID of the requester, or a - for unauthenticated requests.
type: keyword
-
aws.s3access.request_id
-
A string generated by Amazon S3 to uniquely identify each request.
type: keyword
-
aws.s3access.operation
-
The operation listed here is declared as SOAP.operation, REST.HTTP_method.resource_type, WEBSITE.HTTP_method.resource_type, or BATCH.DELETE.OBJECT.
type: keyword
-
aws.s3access.key
-
The "key" part of the request, URL encoded, or "-" if the operation does not take a key parameter.
type: keyword
-
aws.s3access.request_uri
-
The Request-URI part of the HTTP request message.
type: keyword
-
aws.s3access.http_status
-
The numeric HTTP status code of the response.
type: long
-
aws.s3access.error_code
-
The Amazon S3 Error Code, or "-" if no error occurred.
type: keyword
-
aws.s3access.bytes_sent
-
The number of response bytes sent, excluding HTTP protocol overhead, or "-" if zero.
type: long
-
aws.s3access.object_size
-
The total size of the object in question.
type: long
-
aws.s3access.total_time
-
The number of milliseconds the request was in flight from the server’s perspective.
type: long
-
aws.s3access.turn_around_time
-
The number of milliseconds that Amazon S3 spent processing your request.
type: long
-
aws.s3access.referrer
-
The value of the HTTP Referrer header, if present.
type: keyword
-
aws.s3access.user_agent
-
The value of the HTTP User-Agent header.
type: keyword
-
aws.s3access.version_id
-
The version ID in the request, or "-" if the operation does not take a versionId parameter.
type: keyword
-
aws.s3access.host_id
-
The x-amz-id-2 or Amazon S3 extended request ID.
type: keyword
-
aws.s3access.signature_version
-
The signature version, SigV2 or SigV4, that was used to authenticate the request or a - for unauthenticated requests.
type: keyword
-
aws.s3access.cipher_suite
-
The Secure Sockets Layer (SSL) cipher that was negotiated for HTTPS request or a - for HTTP.
type: keyword
-
aws.s3access.authentication_type
-
The type of request authentication used, AuthHeader for authentication headers, QueryString for query string (pre-signed URL) or a - for unauthenticated requests.
type: keyword
-
aws.s3access.host_header
-
The endpoint used to connect to Amazon S3.
type: keyword
-
aws.s3access.tls_version
-
The Transport Layer Security (TLS) version negotiated by the client.
type: keyword