panther_readonlySnowflake user to query the data in Snowflake. By default, this user's role
panther_readonly_roleis only endowed with a minimal set of grants to enable it to access the data in the panther databases. However, if you wish to add your own preexisting datasets to your Panther data-explorer queries (such as HR data, in-house or vendor-provided whitelists/blacklists) you can easily make that data accessible to the role.
SnowflakeMonitorRunFrequencyis set to run a monitoring sweep every 180 minutes. This variable can be adjusted as desired down to a minimum of once every 2 minutes, or up to a maximum of once every 10080 minutes (a week).
/aws/lambda/panther-snowflake-admin-apilog group. The data loading errors are also stored in the data monitoring history table.
panther_monitordatabase, and can be queried via the WebUI or the Panther Data Explorer. Please note that the monitor database is not currently one of the pre-populated data sets in the Panther UI.
pipe_historytable. Pipes that are not in a
RUNNINGstate will generate an alert in CloudWatch and will be recorded as an entry in
load_history-- if a file failed to load (state not
LOAD_IN_PROGRESS) for any reason, the even will be recorded in CloudWatch and also as an entry in the