Security analytics in Amazon OpenSearch Service adds native support for data in the Open Cybersecurity Schema Framework (OCSF) format and provides security detection rules for OCSF data ingested from Amazon Security Lake. Security analytics also supports ingesting virtually any custom log type and creating custom detection rules. The correlation engine helps reduce incident response time by analyzing and highlighting connections between potential security incidents.
Source: Amazon AWS