Hello,
We have multiple cloudtrail accounts in our s3 bucket. eg:-
my- bucket --> AwsLogs --> 12312312312 --> team-x
12312312222 --> team-y
22222222222 --> team-z
We want to ingest all the logs via logstash but we want to name the index based on each account number.
So when logstash tries to ingest data from 12312312312 folder/prefix it should index it with name team-x-YYYY-MM-DD and so on with other prefixes as well.
Let me know if you wanna know or want me to explain more on my need.
--
Niraj