To support additional data sources and destinations, it would be nice to be able to tag events by their source, and then be able to filter events by destination, so that different types or severities of events could be sent to different sources.
A basic idea on this would be to have a tags option in the cloud formation for a source, like
type: cloudfront, level: warn.
It would also be nice to allow for more dynamic options. Although I'm not a huge fan of the syntax, it wouldn't be very hard to set the system up to support JMESPath. With such a thing, we could have something like
or
level: ${(@.starts_with(errorCode,`AccessDenied`) || @.ends_with(errorCode, `UnauthorizedOperation`)) && `"critical"`}
To support additional data sources and destinations, it would be nice to be able to tag events by their source, and then be able to filter events by destination, so that different types or severities of events could be sent to different sources.
A basic idea on this would be to have a tags option in the cloud formation for a source, like
type: cloudfront, level: warn.It would also be nice to allow for more dynamic options. Although I'm not a huge fan of the syntax, it wouldn't be very hard to set the system up to support JMESPath. With such a thing, we could have something like
or