@aws-sdk/client-cloudwatch-logs 3.830.0 → 3.832.0

package/dist-cjs/index.js

@@ -75,6 +75,7 @@ __export(index_exports, {
   Distribution: () => Distribution,
   EntityRejectionErrorType: () => EntityRejectionErrorType,
   EvaluationFrequency: () => EvaluationFrequency,
+  EventSource: () => EventSource,
   ExportTaskStatusCode: () => ExportTaskStatusCode,
   FilterLogEventsCommand: () => FilterLogEventsCommand,
   FlattenedElement: () => FlattenedElement,
@@ -108,6 +109,7 @@ __export(index_exports, {
   ListTagsLogGroupCommand: () => ListTagsLogGroupCommand,
   LogGroupClass: () => LogGroupClass,
   MalformedQueryException: () => MalformedQueryException,
+  OCSFVersion: () => OCSFVersion,
   OpenSearchResourceStatusType: () => OpenSearchResourceStatusType,
   OperationAbortedException: () => OperationAbortedException,
   OrderBy: () => OrderBy,
@@ -719,6 +721,13 @@ var EntityRejectionErrorType = {
   MISSING_REQUIRED_FIELDS: "MissingRequiredFields",
   UNSUPPORTED_LOG_GROUP_TYPE: "UnsupportedLogGroupType"
 };
+var EventSource = {
+  AWSWAF: "AWSWAF",
+  CLOUD_TRAIL: "CloudTrail",
+  EKS_AUDIT: "EKSAudit",
+  ROUTE53_RESOLVER: "Route53Resolver",
+  VPC_FLOW: "VPCFlow"
+};
 var FlattenedElement = {
   FIRST: "first",
   LAST: "last"
@@ -744,6 +753,9 @@ var IntegrationStatus = {
 var IntegrationType = {
   OPENSEARCH: "OPENSEARCH"
 };
+var OCSFVersion = {
+  V1_1: "V1.1"
+};
 var Type = {
   BOOLEAN: "boolean",
   DOUBLE: "double",
@@ -4608,11 +4620,13 @@ var paginateListLogGroupsForQuery = (0, import_core.createPaginator)(CloudWatchL
   QueryStatus,
   Distribution,
   EntityRejectionErrorType,
+  EventSource,
   FlattenedElement,
   OpenSearchResourceStatusType,
   IntegrationDetails,
   IntegrationStatus,
   IntegrationType,
+  OCSFVersion,
   Type,
   InvalidSequenceTokenException,
   SuppressionState,

package/dist-es/models/models_0.js

@@ -285,6 +285,13 @@ export const EntityRejectionErrorType = {
     MISSING_REQUIRED_FIELDS: "MissingRequiredFields",
     UNSUPPORTED_LOG_GROUP_TYPE: "UnsupportedLogGroupType",
 };
+export const EventSource = {
+    AWSWAF: "AWSWAF",
+    CLOUD_TRAIL: "CloudTrail",
+    EKS_AUDIT: "EKSAudit",
+    ROUTE53_RESOLVER: "Route53Resolver",
+    VPC_FLOW: "VPCFlow",
+};
 export const FlattenedElement = {
     FIRST: "first",
     LAST: "last",
@@ -310,6 +317,9 @@ export const IntegrationStatus = {
 export const IntegrationType = {
     OPENSEARCH: "OPENSEARCH",
 };
+export const OCSFVersion = {
+    V1_1: "V1.1",
+};
 export const Type = {
     BOOLEAN: "boolean",
     DOUBLE: "double",

package/dist-types/commands/GetTransformerCommand.d.ts

@@ -134,6 +134,11 @@ declare const GetTransformerCommand_base: {
  * //       parseRoute53: { // ParseRoute53
  * //         source: "STRING_VALUE",
  * //       },
+ * //       parseToOCSF: { // ParseToOCSF
+ * //         source: "STRING_VALUE",
+ * //         eventSource: "CloudTrail" || "Route53Resolver" || "VPCFlow" || "EKSAudit" || "AWSWAF", // required
+ * //         ocsfVersion: "V1.1", // required
+ * //       },
  * //       parsePostgres: { // ParsePostgres
  * //         source: "STRING_VALUE",
  * //       },

package/dist-types/commands/PutLogEventsCommand.d.ts

@@ -42,12 +42,10 @@ declare const PutLogEventsCommand_base: {
  *           all event messages in UTF-8, plus 26 bytes for each log event.</p>
  *             </li>
  *             <li>
- *                <p>None of the log events in the batch can be more than 2 hours in the future.</p>
+ *                <p>Events more than 2 hours in the future are rejected while processing remaining valid events.</p>
  *             </li>
  *             <li>
- *                <p>None of the log events in the batch can be more than 14 days in the past. Also,
- *           none of the log events can be from earlier than the retention period of the log
- *           group.</p>
+ *                <p>Events older than 14 days or preceding the log group's retention period are rejected while processing remaining valid events.</p>
  *             </li>
  *             <li>
  *                <p>The log events in the batch must be in chronological order by their timestamp. The
@@ -57,7 +55,7 @@ declare const PutLogEventsCommand_base: {
  *             <code>yyyy-mm-ddThh:mm:ss</code>. For example, <code>2017-09-15T13:45:30</code>.) </p>
  *             </li>
  *             <li>
- *                <p>A batch of log events in a single request cannot span more than 24 hours. Otherwise, the operation fails.</p>
+ *                <p> A batch of log events in a single request must be in a chronological order. Otherwise, the operation fails.</p>
  *             </li>
  *             <li>
  *                <p>Each log event can be no larger than 1 MB.</p>
@@ -66,14 +64,15 @@ declare const PutLogEventsCommand_base: {
  *                <p>The maximum number of log events in a batch is 10,000.</p>
  *             </li>
  *             <li>
- *                <important>
- *                   <p>The quota of five requests per second per log stream
- *           has been removed. Instead, <code>PutLogEvents</code> actions are throttled based on a
- *         per-second per-account quota. You can request an increase to the per-second throttling
- *         quota by using the Service Quotas service.</p>
- *                </important>
+ *                <p>For valid events (within 14 days in the past to 2 hours in future), the time span in a single batch cannot exceed 24 hours. Otherwise, the operation fails.</p>
  *             </li>
  *          </ul>
+ *          <important>
+ *             <p>The quota of five requests per second per log stream
+ *       has been removed. Instead, <code>PutLogEvents</code> actions are throttled based on a
+ *       per-second per-account quota. You can request an increase to the per-second throttling
+ *       quota by using the Service Quotas service.</p>
+ *          </important>
  *          <p>If a call to <code>PutLogEvents</code> returns "UnrecognizedClientException" the most
  *       likely cause is a non-valid Amazon Web Services access key ID or secret key. </p>
  * @example

package/dist-types/commands/PutTransformerCommand.d.ts

@@ -144,6 +144,11 @@ declare const PutTransformerCommand_base: {
  *       parseRoute53: { // ParseRoute53
  *         source: "STRING_VALUE",
  *       },
+ *       parseToOCSF: { // ParseToOCSF
+ *         source: "STRING_VALUE",
+ *         eventSource: "CloudTrail" || "Route53Resolver" || "VPCFlow" || "EKSAudit" || "AWSWAF", // required
+ *         ocsfVersion: "V1.1", // required
+ *       },
  *       parsePostgres: { // ParsePostgres
  *         source: "STRING_VALUE",
  *       },

package/dist-types/commands/TestTransformerCommand.d.ts

@@ -125,6 +125,11 @@ declare const TestTransformerCommand_base: {
  *       parseRoute53: { // ParseRoute53
  *         source: "STRING_VALUE",
  *       },
+ *       parseToOCSF: { // ParseToOCSF
+ *         source: "STRING_VALUE",
+ *         eventSource: "CloudTrail" || "Route53Resolver" || "VPCFlow" || "EKSAudit" || "AWSWAF", // required
+ *         ocsfVersion: "V1.1", // required
+ *       },
  *       parsePostgres: { // ParsePostgres
  *         source: "STRING_VALUE",
  *       },

package/dist-types/models/models_0.d.ts

@@ -3164,6 +3164,21 @@ export declare const EntityRejectionErrorType: {
  * @public
  */
 export type EntityRejectionErrorType = (typeof EntityRejectionErrorType)[keyof typeof EntityRejectionErrorType];
+/**
+ * @public
+ * @enum
+ */
+export declare const EventSource: {
+    readonly AWSWAF: "AWSWAF";
+    readonly CLOUD_TRAIL: "CloudTrail";
+    readonly EKS_AUDIT: "EKSAudit";
+    readonly ROUTE53_RESOLVER: "Route53Resolver";
+    readonly VPC_FLOW: "VPCFlow";
+};
+/**
+ * @public
+ */
+export type EventSource = (typeof EventSource)[keyof typeof EventSource];
 /**
  * <p>Represents a matched event.</p>
  * @public
@@ -4476,6 +4491,40 @@ export interface ParseRoute53 {
      */
     source?: string | undefined;
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const OCSFVersion: {
+    readonly V1_1: "V1.1";
+};
+/**
+ * @public
+ */
+export type OCSFVersion = (typeof OCSFVersion)[keyof typeof OCSFVersion];
+/**
+ * <p>This processor converts logs into <a href="https://ocsf.io">Open Cybersecurity Schema Framework (OCSF)</a> events.</p>
+ *          <p>For more information about this processor including examples, see <a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseToOCSF">
+ *       parseToOSCF</a> in the <i>CloudWatch Logs User Guide</i>.</p>
+ * @public
+ */
+export interface ParseToOCSF {
+    /**
+     * <p>The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed.</p>
+     * @public
+     */
+    source?: string | undefined;
+    /**
+     * <p>Specify the service or process that produces the log events that will be converted with this processor.</p>
+     * @public
+     */
+    eventSource: EventSource | undefined;
+    /**
+     * <p>Specify which version of the OCSF schema to use for the transformed log events.</p>
+     * @public
+     */
+    ocsfVersion: OCSFVersion | undefined;
+}
 /**
  * <p>Use this processor to parse Amazon VPC vended logs, extract fields, and and convert them into a JSON format. This processor always
  *        processes the entire log event message.</p>
@@ -4779,6 +4828,11 @@ export interface Processor {
      * @public
      */
     parseRoute53?: ParseRoute53 | undefined;
+    /**
+     * <p>Use this processor to convert logs into Open Cybersecurity Schema Framework (OCSF) format</p>
+     * @public
+     */
+    parseToOCSF?: ParseToOCSF | undefined;
     /**
      * <p>Use this parameter to include the <a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres">
      *        parsePostGres</a> processor in your transformer.</p>
@@ -5668,6 +5722,10 @@ export interface PutDeliverySourceRequest {
      *          <code>AD_DECISION_SERVER_LOGS</code>, <code>MANIFEST_SERVICE_LOGS</code>, and <code>TRANSCODE_LOGS</code>.</p>
      *             </li>
      *             <li>
+     *                <p>For Entity Resolution, the valid value is
+     *          <code>WORKFLOW_LOGS</code>.</p>
+     *             </li>
+     *             <li>
      *                <p>For IAM Identity Center, the valid value is
      *          <code>ERROR_LOGS</code>.</p>
      *             </li>
@@ -5676,8 +5734,8 @@ export interface PutDeliverySourceRequest {
      *          <code>EVENT_LOGS</code>.</p>
      *             </li>
      *             <li>
-     *                <p>For Amazon SES mail manager, the valid value is
-     *          <code>APPLICATION_LOG</code>.</p>
+     *                <p>For Amazon SES mail manager, the valid values are
+     *          <code>APPLICATION_LOG</code> and <code>TRAFFIC_POLICY_DEBUG_LOGS</code>.</p>
      *             </li>
      *             <li>
      *                <p>For Amazon WorkMail, the valid values are

package/dist-types/ts3.4/models/models_0.d.ts

@@ -784,6 +784,14 @@ export declare const EntityRejectionErrorType: {
 };
 export type EntityRejectionErrorType =
   (typeof EntityRejectionErrorType)[keyof typeof EntityRejectionErrorType];
+export declare const EventSource: {
+  readonly AWSWAF: "AWSWAF";
+  readonly CLOUD_TRAIL: "CloudTrail";
+  readonly EKS_AUDIT: "EKSAudit";
+  readonly ROUTE53_RESOLVER: "Route53Resolver";
+  readonly VPC_FLOW: "VPCFlow";
+};
+export type EventSource = (typeof EventSource)[keyof typeof EventSource];
 export interface FilteredLogEvent {
   logStreamName?: string | undefined;
   timestamp?: number | undefined;
@@ -1073,6 +1081,15 @@ export interface ParsePostgres {
 export interface ParseRoute53 {
   source?: string | undefined;
 }
+export declare const OCSFVersion: {
+  readonly V1_1: "V1.1";
+};
+export type OCSFVersion = (typeof OCSFVersion)[keyof typeof OCSFVersion];
+export interface ParseToOCSF {
+  source?: string | undefined;
+  eventSource: EventSource | undefined;
+  ocsfVersion: OCSFVersion | undefined;
+}
 export interface ParseVPC {
   source?: string | undefined;
 }
@@ -1136,6 +1153,7 @@ export interface Processor {
   parseJSON?: ParseJSON | undefined;
   parseKeyValue?: ParseKeyValue | undefined;
   parseRoute53?: ParseRoute53 | undefined;
+  parseToOCSF?: ParseToOCSF | undefined;
   parsePostgres?: ParsePostgres | undefined;
   parseVPC?: ParseVPC | undefined;
   parseWAF?: ParseWAF | undefined;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-cloudwatch-logs",
   "description": "AWS SDK for JavaScript Cloudwatch Logs Client for Node.js, Browser and React Native",
-  "version": "3.830.0",
+  "version": "3.832.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "node ../../scripts/compilation/inline client-cloudwatch-logs",