cloudtrail (读取 Records 字段)
Cloudtrail Transformer 是针对 AWS CloudTrail 的数据做格式转换的 Transformer,可以将 CloudTrail 的 json 格式中的 Records逐条变为数据。
示例:
将数据由一条:
{"Records": [{
"eventVersion": "1.04",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2016-07-14T19:15:45Z",
"eventSource": "cloudtrail.amazonaws.com",
"eventName": "UpdateTrail",
"awsRegion": "us-east-2",
"sourceIPAddress": "205.251.233.182",
"userAgent": "aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22",
"errorCode": "TrailNotFoundException",
"errorMessage": "Unknown trail: myTrail2 for the user: 123456789012",
"requestParameters": {"name": "myTrail2"},
"responseElements": null,
"requestID": "5d40662a-49f7-11e6-97e4-d9cb6ff7d6a3",
"eventID": "b7d4398e-b2f0-4faa-9c76-e2d316a8d67f",
"eventType": "AwsApiCall",
"recipientAccountId": "123456789012"
},{
"eventVersion": "1.0",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2014-03-24T21:11:59Z",
"eventSource": "iam.amazonaws.com",
"eventName": "CreateUser",
"awsRegion": "us-east-2",
"sourceIPAddress": "127.0.0.1",
"userAgent": "aws-cli/1.3.2 Python/2.7.5 Windows/7",
"requestParameters": {"userName": "Bob"},
"responseElements": {"user": {
"createDate": "Mar 24, 2014 9:11:59 PM",
"userName": "Bob",
"arn": "arn:aws:iam::123456789012:user/Bob",
"path": "/",
"userId": "EXAMPLEUSERID"
}}
}]}
转变为两条:
{
"eventVersion": "1.04",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2016-07-14T19:15:45Z",
"eventSource": "cloudtrail.amazonaws.com",
"eventName": "UpdateTrail",
"awsRegion": "us-east-2",
"sourceIPAddress": "205.251.233.182",
"userAgent": "aws-cli/1.10.32 Python/2.7.9 Windows/7 botocore/1.4.22",
"errorCode": "TrailNotFoundException",
"errorMessage": "Unknown trail: myTrail2 for the user: 123456789012",
"requestParameters": {"name": "myTrail2"},
"responseElements": null,
"requestID": "5d40662a-49f7-11e6-97e4-d9cb6ff7d6a3",
"eventID": "b7d4398e-b2f0-4faa-9c76-e2d316a8d67f",
"eventType": "AwsApiCall",
"recipientAccountId": "123456789012"
}
{
"eventVersion": "1.0",
"userIdentity": {
"type": "IAMUser",
"principalId": "EX_PRINCIPAL_ID",
"arn": "arn:aws:iam::123456789012:user/Alice",
"accountId": "123456789012",
"accessKeyId": "EXAMPLE_KEY_ID",
"userName": "Alice"
},
"eventTime": "2014-03-24T21:11:59Z",
"eventSource": "iam.amazonaws.com",
"eventName": "CreateUser",
"awsRegion": "us-east-2",
"sourceIPAddress": "127.0.0.1",
"userAgent": "aws-cli/1.3.2 Python/2.7.5 Windows/7",
"requestParameters": {"userName": "Bob"},
"responseElements": {"user": {
"createDate": "Mar 24, 2014 9:11:59 PM",
"userName": "Bob",
"arn": "arn:aws:iam::123456789012:user/Bob",
"path": "/",
"userId": "EXAMPLEUSERID"
}}
}
文档反馈
(如有产品使用问题,请 提交工单)
售前 
售后 