panther_readonly
Snowflake user to query the data in Snowflake. By default, this user's role panther_readonly_role
is only endowed with a minimal set of grants to enable it to access the data in the panther databases. However, if you wish to add your own preexisting datasets to your Panther data-explorer queries (such as HR data, in-house or vendor-provided whitelists/blacklists) you can easily make that data accessible to the role.panther_monitor.public.pipe_history
panther_monitor.public.load_history
panther_monitor.public.table_history
panther_monitor.public.monitor_history
SnowflakeMonitorRunFrequency
is set to run a monitoring sweep every 180 minutes. This variable can be adjusted as desired down to a minimum of once every 2 minutes, or up to a maximum of once every 10080 minutes (a week)./aws/lambda/panther-snowflake-admin-api
log group. The data loading errors are also stored in the data monitoring history table.panther_monitor
database, and can be queried via the WebUI or the Panther Data Explorer. Please note that the monitor database is not currently one of the pre-populated data sets in the Panther UI.pipe_history
table. Pipes that are not in a RUNNING
state will generate an alert in CloudWatch and will be recorded as an entry in monitor_history
load_history
-- if a file failed to load (state not LOADED
or LOAD_IN_PROGRESS
) for any reason, the even will be recorded in CloudWatch and also as an entry in the monitor_history
table.