Amazon GenAI


See the changelog of this Action type here.

Note that this Action is only available in Tenants with access to Amazon Bedrock. Get in touch with us if you don't see it and want to access it.

Overview

The Amazon GenAI Action allows users to enrich events by generating structured outputs using models hosted on Amazon Bedrock, such as Claude, Titan, or Jurassic.

In order to configure this Action, you must first link it to a Listener. Go to Building a Pipeline to learn how this works.

Ports

These are the input and output ports of this Action:

Input ports
  • Default port - All the events to be processed by this Action enter through this port.

Output ports
  • Default port - Events are sent through this port if no error occurs while processing them.

  • Error port - Events are sent through this port if an error occurs while processing them.

Configuration

1. Find Amazon GenAI in the Actions tab (under the AI group) and drag it onto the canvas.

2. To open the configuration, click the Action in the canvas and select Configuration.

3. Enter the required parameters:

Parameter
Description

Region*

Choose the AWS Region (e.g., eu-central-1). Your region is displayed in the top right-hand corner of your AWS console.

Model*

Enter your Model ID or Model Inference Profile (ARN), e.g., arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2. To find it:

  • Go to the Amazon Bedrock console.

  • Go to Model Access in the left sidebar.

  • You’ll see a list of available foundation models (FMs) like Anthropic Claude, AI21, Amazon Titan, Meta Llama, etc.

  • Click on a model to view its Model ID (e.g., anthropic.claude-v2) and ARN (e.g., arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-v2).

System Instructions

Optional instructions to influence the behavior of the model (e.g., "You are a security analyst...").

Prompt Field*

Select the field in the event containing the prompt to send to the model. It must be a string. This field will be sent as-is to the model.

Amazon Bedrock models support both English and multilingual prompts, depending on the model selected.

Temperature

Adjusts the randomness of outputs: greater than 1 is random, 0 is deterministic, and 0.75 is a good starting value. The default value is 0.1.

Max Tokens

Maximum number of tokens to generate. A word is generally 2-3 tokens. The default value is 128 (min 1, max 8892).

Top P

Top P sets a probability threshold to limit the pool of possible next words. Whereas temperature controls how random the selection is, top_p controls how many options are considered. Range: 0–1. The default value is 1.0.

JSON credentials*

Provide the secret JSON credentials used to authenticate against Amazon Bedrock.

Output Field*

Give a name to the output field that will return the evaluation.

4. Click Save to complete.

Use conditional logic upstream to prevent sending unstructured or non-informative prompts to the model, helping to optimize costs and relevance.
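
Because the Prompt Field is sent as-is, the upstream check is also where non-string, empty, or credential-bearing values are stopped. The following Python is an added example, not Onum's own code: it checks a set of Action parameters against the ranges in the table above and decides, per event, whether the Prompt Field should be sent. The configuration key names, the 20-character minimum, the credential patterns, and the sample events are assumptions made for illustration.

```python
import re

# Patterns for values that should not leave the pipeline inside a prompt.
# Both are illustrative assumptions; extend them for your own log sources.
SECRET_PATTERNS = [
    re.compile(r"\bAKIA[0-9A-Z]{16}\b"),                # AWS access key ID shape
    re.compile(r"(?i)\bauthorization:\s*(bearer|basic)\s+\S+"),
]

def check_config(cfg):
    """Return a list of problems with the Action parameters (empty means OK)."""
    problems = [f"{name} is required"
                for name in ("region", "model", "prompt_field", "output_field")
                if not str(cfg.get(name, "")).strip()]
    max_tokens = cfg.get("max_tokens", 128)             # default from the table
    if not isinstance(max_tokens, int) or not 1 <= max_tokens <= 8892:
        problems.append("max_tokens must be an integer from 1 to 8892")
    if not 0 <= cfg.get("top_p", 1.0) <= 1:             # default from the table
        problems.append("top_p must be between 0 and 1")
    if cfg.get("temperature", 0.1) < 0:                 # 0 is the lowest value described
        problems.append("temperature must not be negative")
    return problems

def gate_prompt(event, prompt_field, min_chars=20):
    """Upstream check: return (send, reason) for one event."""
    value = event.get(prompt_field)
    if not isinstance(value, str):
        return False, "prompt field missing or not a string"
    if len(value.strip()) < min_chars:
        return False, "too short to be informative"
    if any(p.search(value) for p in SECRET_PATTERNS):
        return False, "contains a credential-like value"
    return True, "ok"

# Constructed sample configuration and events (not real data).
CONFIG = {"region": "eu-central-1", "model": "anthropic.claude-v2",
          "prompt_field": "message", "output_field": "genai_result",
          "temperature": 0.1, "max_tokens": 128, "top_p": 1.0}
EVENTS = [
    {"message": 'GET /login?user=admin HTTP/1.1 401 "curl/8.0"'},
    {"message": "ok"},
    {"message": {"nested": "object"}},
    {"message": "GET /api HTTP/1.1 Authorization: Bearer abc.def.ghi 200"},
    {"message": "debug: using key AKIAIOSFODNN7EXAMPLE for upload"},
]

if __name__ == "__main__":
    print(check_config(CONFIG))
    for ev in EVENTS:
        print(gate_prompt(ev, CONFIG["prompt_field"]))
```

In a pipeline, the same conditions belong in a Conditional Action placed before Amazon GenAI, with rejected events routed away from the model.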

Example

Read our use case to learn how to use this Action in a real cybersecurity scenario.


Using Amazon GenAI to classify HTTP logs