[AWS S3] Introduce start timestamp and ignore older timespan to AWS S3 based integrations #12645
@Kavindu-Dodan, could you please consider backporting the beats changes so that we can bump up the package versions only to cc @zmoog
We should consider backporting the Beats change to keep the min stack version in the 8.16.x series.
@Kavindu-Dodan, we have a great illustration of this feature's behaviour as part of the description of this issue. Do you think that it will be good to include this illustration in AWS documentation? Reference: Azure Integration. I think, if we include this illustration, it would avoid misconfiguration of this setting.
@andrewkroh, could you please share your opinion - if it is a good idea to include the illustration as part of the AWS documentation?
The changes look good to me. As discussed, kindly merge the changes after the
@agithomas good point on the documentation. I thought of adding some diagrams, but when checking the current AWS integration documentation, I couldn't find a suitable place to add the details. So I went with detailed descriptions for the integration input fields instead. Anyway, let me know if there's better placement for detailed documentation.
@andrewkroh, could you please share your opinion - if it is a good idea to include the illustration as part of the AWS documentation?
Personally, I don't think they are necessary to convey the meaning of the configuration options. If we need to provide additional context, then I would suggest linking to the reference docs like, "See the [input reference documentation] for more details." And add images in the reference docs.
Thanks @andrewkroh for your inputs. Yes, I agree that it would be the best approach. @Kavindu-Dodan, it need not be part of this PR, it could be a separate PR by including the documentation team as reviewers.
LGTM!
Marking as draft and avoiding merging till the first week of March 2025
Signed-off-by: Kavindu Dodanduwa <[email protected]>
Merging today as 8.16.5 was released and available - https://www.elastic.co/blog/elastic-stack-8-16-5-released
💚 Build Succeeded
Package amazon_security_lake - 2.5.0 containing this change is available at https://epr.elastic.co/package/amazon_security_lake/2.5.0/
Package aws - 2.42.0 containing this change is available at https://epr.elastic.co/package/aws/2.42.0/
Package aws_bedrock - 1.2.0 containing this change is available at https://epr.elastic.co/package/aws_bedrock/1.2.0/
Package aws_logs - 1.8.0 containing this change is available at https://epr.elastic.co/package/aws_logs/1.8.0/
Package canva - 0.6.0 containing this change is available at https://epr.elastic.co/package/canva/0.6.0/
Package carbon_black_cloud - 2.9.0 containing this change is available at https://epr.elastic.co/package/carbon_black_cloud/2.9.0/
Package cisco_umbrella - 1.30.0 containing this change is available at https://epr.elastic.co/package/cisco_umbrella/1.30.0/
Package cloudflare_logpush - 1.35.0 containing this change is available at https://epr.elastic.co/package/cloudflare_logpush/1.35.0/
Package f5_bigip - 1.27.0 containing this change is available at https://epr.elastic.co/package/f5_bigip/1.27.0/
Package imperva_cloud_waf - 1.9.0 containing this change is available at https://epr.elastic.co/package/imperva_cloud_waf/1.9.0/
Package jamf_protect - 2.11.0 containing this change is available at https://epr.elastic.co/package/jamf_protect/2.11.0/
Package sentinel_one_cloud_funnel - 1.10.0 containing this change is available at https://epr.elastic.co/package/sentinel_one_cloud_funnel/1.10.0/
Package servicenow - 0.11.0 containing this change is available at https://epr.elastic.co/package/servicenow/0.11.0/
Package sublime_security - 1.7.0 containing this change is available at https://epr.elastic.co/package/sublime_security/1.7.0/
Package symantec_endpoint_security - 1.9.0 containing this change is available at https://epr.elastic.co/package/symantec_endpoint_security/1.9.0/
Package tanium - 1.16.0 containing this change is available at https://epr.elastic.co/package/tanium/1.16.0/
Package trellix_edr_cloud - 1.8.0 containing this change is available at https://epr.elastic.co/package/trellix_edr_cloud/1.8.0/
Proposed commit message
Introduce Ignore Older Timespan and Start Timestamp properties to integrations backed by AWS S3 input.
Configuring these properties allows S3 input to efficiently manage its internal registry. For example, setting Ignore Older Timespan to 2h makes the S3 input registry only track entries within the last 2 hours. Once entries are beyond the timespan, input can remove them from the registry, thus reducing memory consumption.
Checklist
changelog.yml file.
Related issues
Screenshots
Configuration rendered (Title matching existing format)