When deploying an ELB Service Log Pipeline, a Lambda Function named xxxxxx-LogProcessorFn is deployed with the description: "Function to process and load ELB logs into OpenSearch"
Inside this Lambda, there's the file util/log_parser.py
In the ELB Python class, the method parse (line 88) checks if a line from the log file matches a specific RegEx pattern.
If it doesn't, the line is skipped and not sent to OpenSearch.
The bug is in the block ([A-Z0-9-]+) from the pattern, related to the field ssl_cipher (documentation).
A lot of log entries use the character _ instead of - in this field. When it happens, the line is skipped.
Expected Behavior
Not to skip log lines that use the character _ on the ssl_cipher field.
Current Behavior
Lines that use the character _ on the ssl_cipher field are skipped by the Log Parser.
Example: TLS_AES_128_GCM_SHA256
Reproduction Steps
Ingest any log file with the character _ in the ssl_cipher field.
Possible Solution
Add the _ character in the RegEx block. Like this: ([A-Z0-9-_]+)
I believe this is the correct file to make the change (line 165).
Additional Information/Context
No response
Solution Version
2.0.1
AWS Region. e.g., us-east-1
No response
Other information
No response
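The behaviour reported above can be reproduced offline with the following added example, which is not the project's code. It assumes a reduced ALB access-log pattern (`build_pattern`, `parse_lines` and the sample lines are constructed for illustration; only the `ssl_cipher` block comes from the issue) and returns skipped lines so the drop is visible instead of silent.

```python
import re

# ssl_cipher block as quoted in the issue, and a widened variant. The variant
# puts "_" before a trailing "-" so the hyphen is unambiguously a literal.
CIPHER_ORIGINAL = r"([A-Z0-9-]+)"
CIPHER_WIDENED = r"([A-Z0-9_-]+)"

def build_pattern(cipher_block):
    """Reduced ALB log pattern (assumption: NOT the regex in util/log_parser.py)."""
    return re.compile(
        r'^(?P<type>\S+) (?P<time>\S+) (?P<elb>\S+) '
        r'(?P<client>\S+) (?P<target>\S+) '
        r'(?P<req_t>[\d.-]+) (?P<tgt_t>[\d.-]+) (?P<resp_t>[\d.-]+) '
        r'(?P<elb_status>\d{3}|-) (?P<target_status>\d{3}|-) '
        r'(?P<received>\d+) (?P<sent>\d+) '
        r'"(?P<request>[^"]*)" "(?P<user_agent>[^"]*)" '
        r'(?P<ssl_cipher>' + cipher_block + r') (?P<ssl_protocol>\S+)'
    )

def parse_lines(lines, cipher_block):
    """Return (parsed_records, skipped_lines) for the given ssl_cipher block."""
    pattern = build_pattern(cipher_block)
    parsed, skipped = [], []
    for line in lines:
        match = pattern.match(line)
        if match:
            parsed.append(match.groupdict())
        else:
            skipped.append(line)  # keep the line so the gap can be counted
    return parsed, skipped

# Constructed sample lines (not real traffic): hyphenated cipher,
# underscore cipher from the issue, and a plain HTTP line with "-".
_LINE = ('{t} 2024-01-01T00:00:00.000000Z app/demo/0123456789abcdef '
         '192.0.2.10:40000 10.0.0.5:80 0.001 0.002 0.000 200 200 100 200 '
         '"GET / HTTP/1.1" "curl/8.0" {cipher} {proto}')
SAMPLE = [
    _LINE.format(t="https", cipher="ECDHE-RSA-AES128-GCM-SHA256", proto="TLSv1.2"),
    _LINE.format(t="h2", cipher="TLS_AES_128_GCM_SHA256", proto="TLSv1.3"),
    _LINE.format(t="http", cipher="-", proto="-"),
]

if __name__ == "__main__":
    for name, block in (("original", CIPHER_ORIGINAL), ("widened", CIPHER_WIDENED)):
        parsed, skipped = parse_lines(SAMPLE, block)
        print(f"{name}: parsed={len(parsed)} skipped={len(skipped)}")
        for line in skipped:
            print("  skipped cipher:", line.split()[-2])
```

Counting the skipped lines per batch and alerting when the count is non-zero makes this kind of parser mismatch show up as a metric rather than as missing records in OpenSearch.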