For developing rules, it would be really helpful if I could see the original logs with all of the fields.
Under Output in the aws-ct-timeline command, I want to add a -R, --raw-output Output the original logs to output just the original logs with the following fields added:

• RuleTitle: 'sigma.title'
• RuleAuthor: 'sigma.author'
• Level: 'sigma.level'

Since the original logs are JSON and it would be cumbersome to convert to CSV, a type (-t) of 2 or 3 should be required.