Previewing Imports

Import Rules can be previewed (via the "Preview Rule" button at the bottom of the edit form) to see:

• which S3 keys match the provided prefix + regex provided to the Import Rule

• how the log events in objects under those keys will parse out into table format given the extractors/unrollers defined in the Import Rule

Because Scanner doesn't know how many objects are in the bucket, S3 key previews are generated conservatively: Scanner lists 1000 S3 objects with the prefix given, and then applies the provided regex against them. This means that it's sometimes possible for the preview to fail to find existing keys that match the criteria.

For example, the prefix foo/ with the regex ^b.* will fail to find foo/bar if there are >=1000 keys that begin with foo/a.

In most cases, this can be resolved by extending the prefix. In the above example, using a prefix of foo/b with the regex .* will give the desired results.