The logs forwarded to AWS S3 in JSON format via Strata Logging Service > Log Forwarding > AWS S3 Profiles seem to be corrupted.

Created On 01/27/25 01:31 AM - Last Modified 03/11/25 23:31 PM


Symptom


  • The customer configured the log forwarding to AWS S3 Bucket in SLS > Log Forwarding > AWS S3 Profiles
  • During the operation check, it was confirmed that files were being generated in .json format in the S3 bucket
  • However, after downloading and inspecting the files from the S3 bucket, the content appeared to be corrupted
  • Attempted to decompress the files with Snappy, but the decompression was unsuccessful


Environment


  • Prisma Access
  • Strata Logging Service


Cause


  • As described in the documentation of Forward Logs to AWS S3 Bucket, the log file is compressed using Snappy before it is forwarded.
  • The downloaded files appeared corrupted because they had not been decompressed with Snappy.


Resolution


  1. By design, the file must be decompressed with Snappy to obtain the actual JSON.
  2. Our engineering team provided the following example script for decoding the file in a similar case.
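    import sys

    import snappy  # provided by the python-snappy package

    path = sys.argv[1]

    with open(path, 'rb') as f:
        data = f.read()

    # Everything up to the first newline (byte 10) precedes the compressed data.
    index = data.find(b'\n')  # separator
    if index == -1:
        sys.exit('separator (newline) not found in ' + path)

    # The Snappy-compressed payload starts right after the separator.
    payload = data[index + 1:]
    # Write the raw bytes so the JSON is not printed as a b'...' literal.
    sys.stdout.buffer.write(snappy.uncompress(payload))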
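
The layout the script above relies on (a first line, a newline separator, then the Snappy data), as an added example that is not Palo Alto Networks' code: a pure-Python decoder that skips the first line and rejects truncated or malformed payloads, usable where python-snappy is not installed. It assumes the payload is a single raw Snappy block, as the call to `snappy.uncompress` implies; the function names, `SAMPLE`, and its first-line text are constructed for illustration.

```python
def snappy_raw_decompress(buf: bytes) -> bytes:
    """Decode one raw Snappy block; raise ValueError on malformed input."""
    expected = 0
    for pos, byte in enumerate(buf, 1):  # preamble: length as a little-endian varint
        expected |= (byte & 0x7F) << (7 * (pos - 1))
        if byte < 0x80:
            break
    else:
        raise ValueError("truncated length preamble")
    out = bytearray()
    while pos < len(buf):
        tag = buf[pos]
        pos += 1
        kind, n = tag & 3, tag >> 2
        if kind == 0:  # literal of n+1 bytes; n >= 60 means length in 1-4 extra bytes
            if n >= 60:
                pos, n = pos + n - 59, int.from_bytes(buf[pos:pos + n - 59], "little")
            n += 1
            if pos + n > len(buf):
                raise ValueError("literal runs past end of input")
            out += buf[pos:pos + n]
            pos += n
            continue
        if kind == 1:  # copy: length 4-11, 11-bit offset (top 3 bits in the tag)
            width, n, high = 1, 4 + (n & 7), (tag >> 5) << 8
        else:  # copy: length 1-64, 2- or 4-byte little-endian offset
            width, n, high = (2 if kind == 2 else 4), n + 1, 0
        if pos + width > len(buf):
            raise ValueError("copy offset runs past end of input")
        offset = high | int.from_bytes(buf[pos:pos + width], "little")
        pos += width
        if offset == 0 or offset > len(out):
            raise ValueError("copy offset outside decoded data")
        for _ in range(n):  # byte-wise so overlapping copies repeat correctly
            out.append(out[-offset])
    if len(out) != expected:
        raise ValueError("decoded length does not match preamble")
    return bytes(out)

def decode_forwarded_file(data: bytes) -> str:
    """Skip everything up to the first newline (byte 10), then decompress."""
    head, sep, payload = data.partition(b"\n")
    if not sep:
        raise ValueError("no newline separator: unexpected file layout")
    return snappy_raw_decompress(payload).decode("utf-8")

# Constructed sample: placeholder first line, newline, hand-built Snappy block.
SAMPLE = b'constructed-first-line\n\x11\x1c{"k":"ab\x09\x02\x08"}\n'
```

Only the first newline is treated as the separator, because the compressed payload may itself contain byte 10, as the constructed sample does. Passing the whole sample to `snappy_raw_decompress` without skipping the first line raises `ValueError`.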


Additional Information


Strata Logging Service  Forward Logs to AWS S3 Bucket


