jonrau1 / SyntheticSun

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.


[BUG]

routeronion opened this issue

In step 4 of the stage 1 process, when running the command, I receive an "invalid length for parameter" message: LoggingConfiguration.ResourceArn, value: 6, valid range: 20-inf. Here is a sanitized version of what is being run:

python3 gewalthaufen.py
my-aws-region us-east-1
vpc-id vpc-09XXXXXXXXXe
waf-arn arn:aws:wafv2:us-east-1:%%%%%%%%%%:regional/webacl/SyntheticSun-WACL/00e^&7ce-0049-41%^-81c5-XXa1919893aa
firehose-arn arn:aws:firehose:us-east-1:44444444449:deliverystream/aws-waf-logs-syntheticsun
elasticsearch-endpoint https://search-syntheticsun-es-&&&&&&&&&&&-east-1.es.amazonaws.com
misp-instance-id i-059************

I'm running this from an Amazon Linux 2 instance using a virtual environment with Python 3.7.6.

BTW, it looks like GitHub is removing the trailing slash after each command, except for the last command for the misp-instance argument.

Thanks,
David
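As an added example (not code from the SyntheticSun repo), here is a pre-flight check a practitioner could run on the gewalthaufen.py arguments before they reach the wafv2 PutLoggingConfiguration call, so that a leftover README placeholder or a truncated value fails with a readable message instead of the botocore length error quoted above. The 20-character minimum is taken from that error; the ARN layouts are assumptions based on the WAFv2 and Firehose ARN formats, and the aws-waf-logs- prefix is the WAF logging requirement for delivery stream names.

```python
import re

# Assumption: minimum length taken from the botocore error in this issue ("valid range: 20-inf").
MIN_RESOURCE_ARN_LEN = 20

# Assumed ARN layouts (WAFv2 web ACL and Kinesis Data Firehose delivery stream).
WEB_ACL_ARN = re.compile(
    r"^arn:aws:wafv2:(?P<region>[a-z]{2}(-[a-z]+)+-\d):(?P<account>\d{12}):"
    r"(?P<scope>regional|global)/webacl/(?P<name>[\w-]+)/(?P<id>[0-9a-f-]{36})$"
)
FIREHOSE_ARN = re.compile(
    r"^arn:aws:firehose:(?P<region>[a-z]{2}(-[a-z]+)+-\d):(?P<account>\d{12}):"
    r"deliverystream/(?P<name>[\w-]+)$"
)


def validate_logging_args(waf_arn: str, firehose_arn: str, region: str) -> list:
    """Return human-readable problems with the inputs; an empty list means they look usable."""
    problems = []
    if len(waf_arn) < MIN_RESOURCE_ARN_LEN:
        problems.append(f"waf-arn is only {len(waf_arn)} characters; did a README placeholder slip through?")
    acl = WEB_ACL_ARN.match(waf_arn)
    if acl is None:
        problems.append("waf-arn is not a WAFv2 web ACL ARN (arn:aws:wafv2:<region>:<account>:regional/webacl/<name>/<id>)")
    fh = FIREHOSE_ARN.match(firehose_arn)
    if fh is None:
        problems.append("firehose-arn is not a Kinesis Data Firehose delivery stream ARN")
    elif not fh.group("name").startswith("aws-waf-logs-"):
        # WAF only accepts delivery streams whose name starts with aws-waf-logs-
        problems.append("firehose delivery stream name must start with aws-waf-logs-")
    if acl and fh:
        if acl.group("account") != fh.group("account"):
            problems.append("waf-arn and firehose-arn belong to different AWS accounts")
        if acl.group("region") != region or fh.group("region") != region:
            problems.append(f"ARN region does not match my-aws-region {region}")
    return problems


if __name__ == "__main__":
    # Constructed sample values (not real resources).
    result = validate_logging_args(
        "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/SyntheticSun-WACL/0a1b2c3d-0049-4100-81c5-00a1919893aa",
        "arn:aws:firehose:us-east-1:123456789012:deliverystream/aws-waf-logs-syntheticsun",
        "us-east-1",
    )
    print(result or "inputs look usable")
```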

Did you include those example values, i.e. my-aws-region? Those are supposed to be replaced, I will clear up the readme there if that was the problem

Yes, I replaced the values with ones that I gathered from deploying the SyntheticSun_SETUP_CFN.yaml. I'll take a look at the readme, too.

David

I was using Cloud9 Ubuntu 18.04 LTS using Python 3.6 for mine. Pretty sure it was in the pre-reqs, but make sure you have the latest version of awscli and boto3 for WAFv2.

Looks like that issue is with the WAF attachment - do you have any CloudTrail logs that got created for that?

I do have the latest versions, but let me double check. I'll double check the CloudTrail piece. I'm using an old account that I haven't touched in a while.

I might just start from scratch and use the same method you used to limit any variables :).

Added some background info to the readme with #12. Any issues you're still having?

Jon,

I think we are good. I had to make an adjustment.

Thanks,
David