Posted On: Jun 26, 2023

Amazon OpenSearch Ingestion now allows you to ingest events from Amazon Security Lake in real-time, reducing the time taken to index your security data in Amazon OpenSearch Service and uncover valuable insights into potential security issues. Amazon Security Lake automatically centralizes security data from AWS environments, SaaS providers and on- premises into a purpose-built data lake. With this integration, customers can now use the extensive security analytics capabilities and rich dashboard visualizations of Amazon OpenSearch Service to quickly make sense of all their security data.

Amazon Security Lake uses the Open Cybersecurity Schema Framework (OCSF) to normalize and combine security data from a broad range of enterprise security data sources in the Apache Parquet format. Amazon OpenSearch Ingestion now supports ingesting data in the Apache Parquet format, allowing customers to ingest data from Amazon Security Lake and use inbuilt processors of Amazon OpenSearch Ingestion to convert the data into JSON documents before indexing in Amazon OpenSearch Service. Amazon OpenSearch Ingestion now also offers a blueprint for ingesting data specifically from Amazon Security Lake. Also as part of this launch, Amazon OpenSearch Ingestion now supports Data Prepper 2.3.0, enabling new features like S3 sink, Avro codec, obfuscation processor, event tagging, advanced expressions and tail sampling. You can check out the complete list of features in this blog post

This feature is available in all the AWS commercial regions where Amazon OpenSearch Ingestion is currently available.