planglois925/cwa_parameter_store

## cwa_parameter_store
{
	"logs": {
		"logs_collected": {
			"windows_events": {
				"collect_list": [
					{
						"event_format": "xml",
						"event_levels": [
							"INFORMATION",
							"WARNING",
							"ERROR",
							"CRITICAL"
						],
						"event_name": "System",
						"log_group_name": "System"
					},
					{
						"event_format": "xml",
						"event_levels": [
							"VERBOSE",
							"INFORMATION",
							"WARNING",
							"ERROR",
							"CRITICAL"
						],
						"event_name": "Security",
						"log_group_name": "Security"
					},
                                        {
						"event_format": "xml",
						"event_levels": [
							"VERBOSE",
							"INFORMATION",
							"WARNING",
							"ERROR",
							"CRITICAL"
						],
						"event_name": "Microsoft-Windows-Sysmon/Operational",
						"log_group_name": "Sysmon"
                                 }
				]
			}
		}
	}
}
	{
	"logs": {
	"logs_collected": {
	"windows_events": {
	"collect_list": [
	{
	"event_format": "xml",
	"event_levels": [
	"INFORMATION",
	"WARNING",
	"ERROR",
	"CRITICAL"
	],
	"event_name": "System",
	"log_group_name": "System"
	},
	{
	"event_format": "xml",
	"event_levels": [
	"VERBOSE",
	"INFORMATION",
	"WARNING",
	"ERROR",
	"CRITICAL"
	],
	"event_name": "Security",
	"log_group_name": "Security"
	},
	{
	"event_format": "xml",
	"event_levels": [
	"VERBOSE",
	"INFORMATION",
	"WARNING",
	"ERROR",
	"CRITICAL"
	],
	"event_name": "Microsoft-Windows-Sysmon/Operational",
	"log_group_name": "Sysmon"
	}
	]
	}
	}
	}
	}