This is a customized snippet using Vega.
The original idea is from https://github.com/aws-solutions/centralized-logging-with-opensearch, but this is customised to consume OCSF logs injected into Security Lake
Some tips:
- To debug Vega scripts, you can use
VEGA_DEBUG.view.data('rawData')
into your browser console to retrieve the data in rawData (look at the beginning of the file above) - Not sure how to programatically inject this code, but if you need to create this in your own dashboard, you can add a new visualization as Vega, and copy and paste the code above.