Hi Preston, I didn't get any update on this. I agree, at the moment the plugin is useless without capturing responseElements. I was planning to adopt the usage of Graylog, mostly because of the Cloudtrail plugin. Looking to move into other option, as the plugin is not mature enough, which is a shame because the graylog team did a great job, and would probably take very little to extend the plugin to capture all the Cloudtrail details.
Regards, Fabio. On Friday, July 24, 2015 at 5:33:30 PM UTC+10, Preston Rodriguez wrote: > > No update on this? The plugin is pretty useless without this data > > On Tuesday, March 3, 2015 at 12:10:17 PM UTC-5, Fabio Douek wrote: >> >> Hi, >> >> I'm evaluating Cloud trail plugin for graylog2. Everything is working >> fine, but it seems that is not importing responseElements cloudtrail >> object. Is this the case? >> >> How can I add to import this? That's essential for an auditing solution, >> as at the moment, if I filter by event_name=ConsoleLogin for example, I >> can't track failed authentication. The same thing for most of the events. >> >> Prob the requestElements could also be handy in some cases... >> >> Rubicon Red wins 3 Oracle Excellence Awards for Fusion Middleware >> <http://www.rubiconred.com/rubicon-red-wins-3-oracle-excellence-awards-fusion-middleware/> >> <http://www.rubiconred.com> >> Rubicon Red Privacy Policy <http://www.rubiconred.com/privacy-policy-2/> >> >> -- Rubicon Red wins 3 Oracle Excellence Awards for Fusion Middleware <http://www.rubiconred.com/rubicon-red-wins-3-oracle-excellence-awards-fusion-middleware/> <http://www.rubiconred.com> Rubicon Red Privacy Policy <http://www.rubiconred.com/privacy-policy-2/> -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
