streamalert
streamalert configuration for s3 is not working as expected
Background
Hi Team, I configured StreamAlert on an ECE instance with SNS and it's triggering alerts as expected, but when I tried to do the same for S3 and Kinesis it's not working. Surprisingly there is no error and it's not triggering any alerts. One possible issue I could relate it to is a warning: when I hit terraform plan it says a configuration file is missing (a .tf file) and the configuration is incomplete.
I am sure I am following the documentation and everything looks sane and justified. I would appreciate it if anyone could help me out on this. I was looking at the possibilities of where I might have gone wrong.
Below are the rule and the prod.json I am using:
```python
from streamalert.shared.rule import rule  # import not shown in the original

# The original line used "outputs :" instead of "outputs=" and never closed the
# req_subkeys dict or the decorator; the function name and body were not shown.
@rule(logs=['cloudwatch:events'],
      outputs=['aws-sns:test-email'],
      req_subkeys={'detail': ['requestParameters', 'eventName']})
def cloudwatch_events_example(rec):  # placeholder name/body, not from the original
    return True
```
```json
{
  "id": "s3-events-example",
  "classifier_config": {
    "enable_custom_metrics": true,
    "log_level": "info",
    "log_retention_days": 14,
    "memory": 128,
    "timeout": 60
  },
  "data_sources": {
    "s3": {
      "bucket_name_01": [
        "cloudtrail"
      ],
      "bucket_name_02": [
        "cloudtrail"
      ]
    }
  },
  "modules": {
    "s3_events": {
      "bucket_name_01": [
        {
          "filter_prefix": "AWSLogs/1234",
          "filter_suffix": ".log"
        },
        {
          "filter_prefix": "AWSLogs/5678"
        }
      ],
      "bucket_name_02": []
    }
  }
}
```
NOTE: Before filing this issue, please consider the following:
Have you tried pinging us on Slack? Yes, I did, but no luck: https://streamalert.herokuapp.com/
Are you on the latest version of StreamAlert? Yes
Description
Steps to Reproduce: I followed the StreamAlert documentation.
Desired Change
High level overview of the desired change or outcome: I am not getting any alarm despite following every detail mentioned in the documentation.
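A consistency check over the two artifacts posted above, added here as an example; it is not part of the issue and not StreamAlert's own code. It assumes the StreamAlert convention that a rule's `logs` entries are `<source>:<schema>` names (e.g. `cloudtrail:events`) and that a record is only routed to a rule when some configured data source declares that `<source>` for the cluster. Under that assumption, the rule as posted (`logs=['cloudwatch:events']`) is never fed by an S3 data source that only declares `cloudtrail`, which would produce exactly the symptom described: no error, no alert. The cluster JSON embedded in the script is the posted prod.json, reproduced as a constant.

```python
import json

# The prod.json posted in the issue, embedded as a constant so the check runs offline.
CLUSTER_JSON = """
{
  "id": "s3-events-example",
  "classifier_config": {"enable_custom_metrics": true, "log_level": "info",
                        "log_retention_days": 14, "memory": 128, "timeout": 60},
  "data_sources": {
    "s3": {"bucket_name_01": ["cloudtrail"], "bucket_name_02": ["cloudtrail"]}
  },
  "modules": {
    "s3_events": {
      "bucket_name_01": [{"filter_prefix": "AWSLogs/1234", "filter_suffix": ".log"},
                         {"filter_prefix": "AWSLogs/5678"}],
      "bucket_name_02": []
    }
  }
}
"""

# Log types the posted rule declares.
RULE_LOGS = ['cloudwatch:events']


def data_source_log_sources(cluster):
    """Collect every log source name (e.g. 'cloudtrail') any data source feeds this cluster."""
    sources = set()
    for _service, inputs in cluster.get('data_sources', {}).items():
        for _name, log_sources in inputs.items():
            sources.update(log_sources)
    return sources


def log_source_of(log_type):
    """'cloudtrail:events' -> 'cloudtrail' (assumed StreamAlert naming convention)."""
    return log_type.split(':', 1)[0]


def unmatched_rule_logs(cluster, rule_logs):
    """Rule log types whose source is not produced by any configured data source."""
    configured = data_source_log_sources(cluster)
    return sorted(log for log in rule_logs if log_source_of(log) not in configured)


def unwired_s3_event_buckets(cluster):
    """Buckets under modules.s3_events that have no matching entry in data_sources.s3.

    Such a bucket would fire S3 notifications that the classifier has no schema for.
    """
    s3_sources = set(cluster.get('data_sources', {}).get('s3', {}))
    event_buckets = set(cluster.get('modules', {}).get('s3_events', {}))
    return sorted(event_buckets - s3_sources)


def check(cluster_json, rule_logs):
    """Run both checks over a cluster config string and a rule's logs list."""
    cluster = json.loads(cluster_json)
    return {
        'unmatched_rule_logs': unmatched_rule_logs(cluster, rule_logs),
        'unwired_buckets': unwired_s3_event_buckets(cluster),
    }


if __name__ == '__main__':
    result = check(CLUSTER_JSON, RULE_LOGS)
    for key, value in result.items():
        print(f'{key}: {value or "none"}')
```

Running it against the posted configuration reports `cloudwatch:events` as unmatched, while the bucket wiring itself is consistent (both `s3_events` buckets appear under `data_sources.s3`). Re-running `check(CLUSTER_JSON, ['cloudtrail:events'])` reports nothing. A related caveat, from StreamAlert's bundled schemas: `cloudwatch:events` nests the CloudTrail payload under `detail`, whereas `cloudtrail:events` carries `eventName` and `requestParameters` at the top level, so a `req_subkeys={'detail': [...]}` requirement would also need to change when the rule is pointed at the S3-delivered log type.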