Type of issue
Missing information
What documentation page is affected
https://www.elastic.co/docs/reference/integrations/aws/cloudtrail
What happened?
According to the following Support Page, we have an option to limit Integration to collect only information inside of a specific Timestamp.
https://support.elastic.co/knowledge/2a0cc449
Specifically the options ignore_older and start_timestamp can help the customer to limit the ingestion of older logs in their AWS Bucket.
This is important in case the toggle "Collect Logs via S3 Bucket" is selected and a SQS Queue URL is provided on the "[SQS] Queue URL".
We noticed that without the options above, the Integration might crash the host with OOM errors.
If possible, we would like to ask to add this information in the Integration page, to make it clear that pulling data from S3 Buckets without this setting filled out can cause performance issues.
Additional info
No response
Type of issue
Missing information
What documentation page is affected
https://www.elastic.co/docs/reference/integrations/aws/cloudtrail
What happened?
According to the following Support Page, we have an option to limit Integration to collect only information inside of a specific Timestamp.
https://support.elastic.co/knowledge/2a0cc449
Specifically the options
ignore_olderandstart_timestampcan help the customer to limit the ingestion of older logs in their AWS Bucket.This is important in case the toggle "Collect Logs via S3 Bucket" is selected and a SQS Queue URL is provided on the "[SQS] Queue URL".
We noticed that without the options above, the Integration might crash the host with OOM errors.
If possible, we would like to ask to add this information in the Integration page, to make it clear that pulling data from S3 Buckets without this setting filled out can cause performance issues.
Additional info
No response