1. Packages
  2. Sumo Logic
  3. API Docs
  4. CseLogMapping
Sumo Logic v0.22.1 published on Sunday, Jun 9, 2024 by Pulumi

sumologic.CseLogMapping

Explore with Pulumi AI

sumologic logo
Sumo Logic v0.22.1 published on Sunday, Jun 9, 2024 by Pulumi

    Provides a Sumologic CSE Log Mapping.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as sumologic from "@pulumi/sumologic";
    
    const logMapping = new sumologic.CseLogMapping("log_mapping", {
        name: "New Log Mapping",
        productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
        recordType: "Audit",
        enabled: true,
        relatesEntities: true,
        skippedValues: ["skipped"],
        fields: [{
            name: "action",
            value: "action",
            valueType: "constant",
            skippedValues: ["-"],
            defaultValue: "",
            format: "JSON",
            caseInsensitive: false,
            alternateValues: ["altValue"],
            timeZone: "UTC",
            splitDelimiter: ",",
            splitIndex: 0,
            fieldJoins: ["and"],
            joinDelimiter: "",
            formatParameters: ["param"],
            lookups: [{
                key: "tunnel-up",
                value: "true",
            }],
        }],
        structuredInputs: [{
            eventIdPattern: "vpn",
            logFormat: "JSON",
            product: "fortinate",
            vendor: "fortinate",
        }],
    });
    
    import pulumi
    import pulumi_sumologic as sumologic
    
    log_mapping = sumologic.CseLogMapping("log_mapping",
        name="New Log Mapping",
        product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
        record_type="Audit",
        enabled=True,
        relates_entities=True,
        skipped_values=["skipped"],
        fields=[sumologic.CseLogMappingFieldArgs(
            name="action",
            value="action",
            value_type="constant",
            skipped_values=["-"],
            default_value="",
            format="JSON",
            case_insensitive=False,
            alternate_values=["altValue"],
            time_zone="UTC",
            split_delimiter=",",
            split_index=0,
            field_joins=["and"],
            join_delimiter="",
            format_parameters=["param"],
            lookups=[sumologic.CseLogMappingFieldLookupArgs(
                key="tunnel-up",
                value="true",
            )],
        )],
        structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
            event_id_pattern="vpn",
            log_format="JSON",
            product="fortinate",
            vendor="fortinate",
        )])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := sumologic.NewCseLogMapping(ctx, "log_mapping", &sumologic.CseLogMappingArgs{
    			Name:            pulumi.String("New Log Mapping"),
    			ProductGuid:     pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
    			RecordType:      pulumi.String("Audit"),
    			Enabled:         pulumi.Bool(true),
    			RelatesEntities: pulumi.Bool(true),
    			SkippedValues: pulumi.StringArray{
    				pulumi.String("skipped"),
    			},
    			Fields: sumologic.CseLogMappingFieldArray{
    				&sumologic.CseLogMappingFieldArgs{
    					Name:      pulumi.String("action"),
    					Value:     pulumi.String("action"),
    					ValueType: pulumi.String("constant"),
    					SkippedValues: pulumi.StringArray{
    						pulumi.String("-"),
    					},
    					DefaultValue:    pulumi.String(""),
    					Format:          pulumi.String("JSON"),
    					CaseInsensitive: pulumi.Bool(false),
    					AlternateValues: pulumi.StringArray{
    						pulumi.String("altValue"),
    					},
    					TimeZone:       pulumi.String("UTC"),
    					SplitDelimiter: pulumi.String(","),
    					SplitIndex:     pulumi.Int(0),
    					FieldJoins: pulumi.StringArray{
    						pulumi.String("and"),
    					},
    					JoinDelimiter: pulumi.String(""),
    					FormatParameters: pulumi.StringArray{
    						pulumi.String("param"),
    					},
    					Lookups: sumologic.CseLogMappingFieldLookupArray{
    						&sumologic.CseLogMappingFieldLookupArgs{
    							Key:   pulumi.String("tunnel-up"),
    							Value: pulumi.String("true"),
    						},
    					},
    				},
    			},
    			StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
    				&sumologic.CseLogMappingStructuredInputArgs{
    					EventIdPattern: pulumi.String("vpn"),
    					LogFormat:      pulumi.String("JSON"),
    					Product:        pulumi.String("fortinate"),
    					Vendor:         pulumi.String("fortinate"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using SumoLogic = Pulumi.SumoLogic;
    
    return await Deployment.RunAsync(() => 
    {
        var logMapping = new SumoLogic.CseLogMapping("log_mapping", new()
        {
            Name = "New Log Mapping",
            ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
            RecordType = "Audit",
            Enabled = true,
            RelatesEntities = true,
            SkippedValues = new[]
            {
                "skipped",
            },
            Fields = new[]
            {
                new SumoLogic.Inputs.CseLogMappingFieldArgs
                {
                    Name = "action",
                    Value = "action",
                    ValueType = "constant",
                    SkippedValues = new[]
                    {
                        "-",
                    },
                    DefaultValue = "",
                    Format = "JSON",
                    CaseInsensitive = false,
                    AlternateValues = new[]
                    {
                        "altValue",
                    },
                    TimeZone = "UTC",
                    SplitDelimiter = ",",
                    SplitIndex = 0,
                    FieldJoins = new[]
                    {
                        "and",
                    },
                    JoinDelimiter = "",
                    FormatParameters = new[]
                    {
                        "param",
                    },
                    Lookups = new[]
                    {
                        new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                        {
                            Key = "tunnel-up",
                            Value = "true",
                        },
                    },
                },
            },
            StructuredInputs = new[]
            {
                new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
                {
                    EventIdPattern = "vpn",
                    LogFormat = "JSON",
                    Product = "fortinate",
                    Vendor = "fortinate",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.sumologic.CseLogMapping;
    import com.pulumi.sumologic.CseLogMappingArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
                .name("New Log Mapping")
                .productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
                .recordType("Audit")
                .enabled(true)
                .relatesEntities(true)
                .skippedValues("skipped")
                .fields(CseLogMappingFieldArgs.builder()
                    .name("action")
                    .value("action")
                    .valueType("constant")
                    .skippedValues("-")
                    .defaultValue("")
                    .format("JSON")
                    .caseInsensitive(false)
                    .alternateValues("altValue")
                    .timeZone("UTC")
                    .splitDelimiter(",")
                    .splitIndex(0)
                    .fieldJoins("and")
                    .joinDelimiter("")
                    .formatParameters("param")
                    .lookups(CseLogMappingFieldLookupArgs.builder()
                        .key("tunnel-up")
                        .value("true")
                        .build())
                    .build())
                .structuredInputs(CseLogMappingStructuredInputArgs.builder()
                    .eventIdPattern("vpn")
                    .logFormat("JSON")
                    .product("fortinate")
                    .vendor("fortinate")
                    .build())
                .build());
    
        }
    }
    
    resources:
      logMapping:
        type: sumologic:CseLogMapping
        name: log_mapping
        properties:
          name: New Log Mapping
          productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
          recordType: Audit
          enabled: true
          relatesEntities: true
          skippedValues:
            - skipped
          fields:
            - name: action
              value: action
              valueType: constant
              skippedValues:
                - '-'
              defaultValue:
              format: JSON
              caseInsensitive: false
              alternateValues:
                - altValue
              timeZone: UTC
              splitDelimiter: ','
              splitIndex: 0
              fieldJoins:
                - and
              joinDelimiter:
              formatParameters:
                - param
              lookups:
                - key: tunnel-up
                  value: 'true'
          structuredInputs:
            - eventIdPattern: vpn
              logFormat: JSON
              product: fortinate
              vendor: fortinate
    

    Create CseLogMapping Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);
    @overload
    def CseLogMapping(resource_name: str,
                      args: CseLogMappingArgs,
                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def CseLogMapping(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      enabled: Optional[bool] = None,
                      fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
                      product_guid: Optional[str] = None,
                      record_type: Optional[str] = None,
                      name: Optional[str] = None,
                      parent_id: Optional[str] = None,
                      relates_entities: Optional[bool] = None,
                      skipped_values: Optional[Sequence[str]] = None,
                      structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
                      unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
    func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)
    public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
    public CseLogMapping(String name, CseLogMappingArgs args)
    public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
    
    type: sumologic:CseLogMapping
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var cseLogMappingResource = new SumoLogic.CseLogMapping("cseLogMappingResource", new()
    {
        Enabled = false,
        Fields = new[]
        {
            new SumoLogic.Inputs.CseLogMappingFieldArgs
            {
                Name = "string",
                JoinDelimiter = "string",
                CaseInsensitive = false,
                FieldJoins = new[]
                {
                    "string",
                },
                Format = "string",
                FormatParameters = new[]
                {
                    "string",
                },
                AlternateValues = new[]
                {
                    "string",
                },
                Lookups = new[]
                {
                    new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                    {
                        Key = "string",
                        Value = "string",
                    },
                },
                DefaultValue = "string",
                SkippedValues = new[]
                {
                    "string",
                },
                SplitDelimiter = "string",
                SplitIndex = 0,
                TimeZone = "string",
                Value = "string",
                ValueType = "string",
            },
        },
        ProductGuid = "string",
        RecordType = "string",
        Name = "string",
        ParentId = "string",
        RelatesEntities = false,
        SkippedValues = new[]
        {
            "string",
        },
        StructuredInputs = new[]
        {
            new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
            {
                EventIdPattern = "string",
                LogFormat = "string",
                Product = "string",
                Vendor = "string",
            },
        },
        UnstructuredFields = new SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs
        {
            PatternNames = new[]
            {
                "string",
            },
        },
    });
    
    example, err := sumologic.NewCseLogMapping(ctx, "cseLogMappingResource", &sumologic.CseLogMappingArgs{
    	Enabled: pulumi.Bool(false),
    	Fields: sumologic.CseLogMappingFieldArray{
    		&sumologic.CseLogMappingFieldArgs{
    			Name:            pulumi.String("string"),
    			JoinDelimiter:   pulumi.String("string"),
    			CaseInsensitive: pulumi.Bool(false),
    			FieldJoins: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Format: pulumi.String("string"),
    			FormatParameters: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			AlternateValues: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Lookups: sumologic.CseLogMappingFieldLookupArray{
    				&sumologic.CseLogMappingFieldLookupArgs{
    					Key:   pulumi.String("string"),
    					Value: pulumi.String("string"),
    				},
    			},
    			DefaultValue: pulumi.String("string"),
    			SkippedValues: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			SplitDelimiter: pulumi.String("string"),
    			SplitIndex:     pulumi.Int(0),
    			TimeZone:       pulumi.String("string"),
    			Value:          pulumi.String("string"),
    			ValueType:      pulumi.String("string"),
    		},
    	},
    	ProductGuid:     pulumi.String("string"),
    	RecordType:      pulumi.String("string"),
    	Name:            pulumi.String("string"),
    	ParentId:        pulumi.String("string"),
    	RelatesEntities: pulumi.Bool(false),
    	SkippedValues: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
    		&sumologic.CseLogMappingStructuredInputArgs{
    			EventIdPattern: pulumi.String("string"),
    			LogFormat:      pulumi.String("string"),
    			Product:        pulumi.String("string"),
    			Vendor:         pulumi.String("string"),
    		},
    	},
    	UnstructuredFields: &sumologic.CseLogMappingUnstructuredFieldsArgs{
    		PatternNames: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    })
    
    var cseLogMappingResource = new CseLogMapping("cseLogMappingResource", CseLogMappingArgs.builder()
        .enabled(false)
        .fields(CseLogMappingFieldArgs.builder()
            .name("string")
            .joinDelimiter("string")
            .caseInsensitive(false)
            .fieldJoins("string")
            .format("string")
            .formatParameters("string")
            .alternateValues("string")
            .lookups(CseLogMappingFieldLookupArgs.builder()
                .key("string")
                .value("string")
                .build())
            .defaultValue("string")
            .skippedValues("string")
            .splitDelimiter("string")
            .splitIndex(0)
            .timeZone("string")
            .value("string")
            .valueType("string")
            .build())
        .productGuid("string")
        .recordType("string")
        .name("string")
        .parentId("string")
        .relatesEntities(false)
        .skippedValues("string")
        .structuredInputs(CseLogMappingStructuredInputArgs.builder()
            .eventIdPattern("string")
            .logFormat("string")
            .product("string")
            .vendor("string")
            .build())
        .unstructuredFields(CseLogMappingUnstructuredFieldsArgs.builder()
            .patternNames("string")
            .build())
        .build());
    
    cse_log_mapping_resource = sumologic.CseLogMapping("cseLogMappingResource",
        enabled=False,
        fields=[sumologic.CseLogMappingFieldArgs(
            name="string",
            join_delimiter="string",
            case_insensitive=False,
            field_joins=["string"],
            format="string",
            format_parameters=["string"],
            alternate_values=["string"],
            lookups=[sumologic.CseLogMappingFieldLookupArgs(
                key="string",
                value="string",
            )],
            default_value="string",
            skipped_values=["string"],
            split_delimiter="string",
            split_index=0,
            time_zone="string",
            value="string",
            value_type="string",
        )],
        product_guid="string",
        record_type="string",
        name="string",
        parent_id="string",
        relates_entities=False,
        skipped_values=["string"],
        structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
            event_id_pattern="string",
            log_format="string",
            product="string",
            vendor="string",
        )],
        unstructured_fields=sumologic.CseLogMappingUnstructuredFieldsArgs(
            pattern_names=["string"],
        ))
    
    const cseLogMappingResource = new sumologic.CseLogMapping("cseLogMappingResource", {
        enabled: false,
        fields: [{
            name: "string",
            joinDelimiter: "string",
            caseInsensitive: false,
            fieldJoins: ["string"],
            format: "string",
            formatParameters: ["string"],
            alternateValues: ["string"],
            lookups: [{
                key: "string",
                value: "string",
            }],
            defaultValue: "string",
            skippedValues: ["string"],
            splitDelimiter: "string",
            splitIndex: 0,
            timeZone: "string",
            value: "string",
            valueType: "string",
        }],
        productGuid: "string",
        recordType: "string",
        name: "string",
        parentId: "string",
        relatesEntities: false,
        skippedValues: ["string"],
        structuredInputs: [{
            eventIdPattern: "string",
            logFormat: "string",
            product: "string",
            vendor: "string",
        }],
        unstructuredFields: {
            patternNames: ["string"],
        },
    });
    
    type: sumologic:CseLogMapping
    properties:
        enabled: false
        fields:
            - alternateValues:
                - string
              caseInsensitive: false
              defaultValue: string
              fieldJoins:
                - string
              format: string
              formatParameters:
                - string
              joinDelimiter: string
              lookups:
                - key: string
                  value: string
              name: string
              skippedValues:
                - string
              splitDelimiter: string
              splitIndex: 0
              timeZone: string
              value: string
              valueType: string
        name: string
        parentId: string
        productGuid: string
        recordType: string
        relatesEntities: false
        skippedValues:
            - string
        structuredInputs:
            - eventIdPattern: string
              logFormat: string
              product: string
              vendor: string
        unstructuredFields:
            patternNames:
                - string
    

    CseLogMapping Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CseLogMapping resource accepts the following input properties:

    Enabled bool
    Enabled flag.
    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues List<string>
    List of skipped values.
    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    Enabled bool
    Enabled flag.
    Fields []CseLogMappingFieldArgs
    List of fields for the new log mapping. See field_schema for details.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues []string
    List of skipped values.
    StructuredInputs []CseLogMappingStructuredInputArgs
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled boolean
    Enabled flag.
    fields CseLogMappingField[]
    List of fields for the new log mapping. See field_schema for details.
    productGuid string
    Product GUID.
    recordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name string
    The name of the log mapping.
    parentId string
    The id of the parent log mapping.
    relatesEntities boolean
    Set to true to relate entities.
    skippedValues string[]
    List of skipped values.
    structuredInputs CseLogMappingStructuredInput[]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled bool
    Enabled flag.
    fields Sequence[CseLogMappingFieldArgs]
    List of fields for the new log mapping. See field_schema for details.
    product_guid str
    Product GUID.
    record_type str
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name str
    The name of the log mapping.
    parent_id str
    The id of the parent log mapping.
    relates_entities bool
    Set to true to relate entities.
    skipped_values Sequence[str]
    List of skipped values.
    structured_inputs Sequence[CseLogMappingStructuredInputArgs]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructured_fields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<Property Map>
    List of fields for the new log mapping. See field_schema for details.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<Property Map>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields Property Map
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing CseLogMapping Resource

    Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            enabled: Optional[bool] = None,
            fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
            name: Optional[str] = None,
            parent_id: Optional[str] = None,
            product_guid: Optional[str] = None,
            record_type: Optional[str] = None,
            relates_entities: Optional[bool] = None,
            skipped_values: Optional[Sequence[str]] = None,
            structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
            unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping
    func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)
    public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)
    public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Enabled bool
    Enabled flag.
    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues List<string>
    List of skipped values.
    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    Enabled bool
    Enabled flag.
    Fields []CseLogMappingFieldArgs
    List of fields for the new log mapping. See field_schema for details.
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues []string
    List of skipped values.
    StructuredInputs []CseLogMappingStructuredInputArgs
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled boolean
    Enabled flag.
    fields CseLogMappingField[]
    List of fields for the new log mapping. See field_schema for details.
    name string
    The name of the log mapping.
    parentId string
    The id of the parent log mapping.
    productGuid string
    Product GUID.
    recordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities boolean
    Set to true to relate entities.
    skippedValues string[]
    List of skipped values.
    structuredInputs CseLogMappingStructuredInput[]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled bool
    Enabled flag.
    fields Sequence[CseLogMappingFieldArgs]
    List of fields for the new log mapping. See field_schema for details.
    name str
    The name of the log mapping.
    parent_id str
    The id of the parent log mapping.
    product_guid str
    Product GUID.
    record_type str
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relates_entities bool
    Set to true to relate entities.
    skipped_values Sequence[str]
    List of skipped values.
    structured_inputs Sequence[CseLogMappingStructuredInputArgs]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructured_fields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<Property Map>
    List of fields for the new log mapping. See field_schema for details.
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<Property Map>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields Property Map
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Supporting Types

    CseLogMappingField, CseLogMappingFieldArgs

    Name string
    The name of the log mapping.
    AlternateValues List<string>
    CaseInsensitive bool
    DefaultValue string
    FieldJoins List<string>
    Format string
    FormatParameters List<string>
    JoinDelimiter string
    Lookups List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldLookup>
    SkippedValues List<string>
    List of skipped values.
    SplitDelimiter string
    SplitIndex int
    TimeZone string
    Value string
    ValueType string
    Name string
    The name of the log mapping.
    AlternateValues []string
    CaseInsensitive bool
    DefaultValue string
    FieldJoins []string
    Format string
    FormatParameters []string
    JoinDelimiter string
    Lookups []CseLogMappingFieldLookup
    SkippedValues []string
    List of skipped values.
    SplitDelimiter string
    SplitIndex int
    TimeZone string
    Value string
    ValueType string
    name String
    The name of the log mapping.
    alternateValues List<String>
    caseInsensitive Boolean
    defaultValue String
    fieldJoins List<String>
    format String
    formatParameters List<String>
    joinDelimiter String
    lookups List<CseLogMappingFieldLookup>
    skippedValues List<String>
    List of skipped values.
    splitDelimiter String
    splitIndex Integer
    timeZone String
    value String
    valueType String
    name string
    The name of the log mapping.
    alternateValues string[]
    caseInsensitive boolean
    defaultValue string
    fieldJoins string[]
    format string
    formatParameters string[]
    joinDelimiter string
    lookups CseLogMappingFieldLookup[]
    skippedValues string[]
    List of skipped values.
    splitDelimiter string
    splitIndex number
    timeZone string
    value string
    valueType string
    name str
    The name of the log mapping.
    alternate_values Sequence[str]
    case_insensitive bool
    default_value str
    field_joins Sequence[str]
    format str
    format_parameters Sequence[str]
    join_delimiter str
    lookups Sequence[CseLogMappingFieldLookup]
    skipped_values Sequence[str]
    List of skipped values.
    split_delimiter str
    split_index int
    time_zone str
    value str
    value_type str
    name String
    The name of the log mapping.
    alternateValues List<String>
    caseInsensitive Boolean
    defaultValue String
    fieldJoins List<String>
    format String
    formatParameters List<String>
    joinDelimiter String
    lookups List<Property Map>
    skippedValues List<String>
    List of skipped values.
    splitDelimiter String
    splitIndex Number
    timeZone String
    value String
    valueType String

    CseLogMappingFieldLookup, CseLogMappingFieldLookupArgs

    Key string
    Value string
    Key string
    Value string
    key String
    value String
    key string
    value string
    key str
    value str
    key String
    value String

    CseLogMappingStructuredInput, CseLogMappingStructuredInputArgs

    EventIdPattern string
    LogFormat string
    Product string
    Vendor string
    EventIdPattern string
    LogFormat string
    Product string
    Vendor string
    eventIdPattern String
    logFormat String
    product String
    vendor String
    eventIdPattern string
    logFormat string
    product string
    vendor string
    eventIdPattern String
    logFormat String
    product String
    vendor String

    CseLogMappingUnstructuredFields, CseLogMappingUnstructuredFieldsArgs

    PatternNames List<string>
    PatternNames []string
    patternNames List<String>
    patternNames string[]
    pattern_names Sequence[str]
    patternNames List<String>

    Import

    Log Mapping can be imported using the field id, e.g.:

    hcl

    $ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Sumo Logic pulumi/pulumi-sumologic
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the sumologic Terraform Provider.
    sumologic logo
    Sumo Logic v0.22.1 published on Sunday, Jun 9, 2024 by Pulumi