AWS – Security analytics in OpenSearch Service now supports OCSF and custom logs
Security analytics in Amazon OpenSearch Service adds native support for data formatted in the Open Cybersecurity Schema Framework (OCSF) and provides security detection rules for OCSF data ingested from Amazon Security Lake. Security analytics also supports ingesting virtually any custom log type and creating custom detection rules. The correlation engine helps reduce incident response time by analyzing and highlighting connections between potential security incidents.