1. Packages
  2. Sumo Logic
  3. API Docs
  4. CseLogMapping
Sumo Logic v0.20.0 published on Monday, Nov 27, 2023 by Pulumi

sumologic.CseLogMapping

Explore with Pulumi AI

sumologic logo
Sumo Logic v0.20.0 published on Monday, Nov 27, 2023 by Pulumi

    Provides a Sumologic CSE Log Mapping.

    Example Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using SumoLogic = Pulumi.SumoLogic;
    
    return await Deployment.RunAsync(() => 
    {
        var logMapping = new SumoLogic.CseLogMapping("logMapping", new()
        {
            Enabled = true,
            Fields = new[]
            {
                new SumoLogic.Inputs.CseLogMappingFieldArgs
                {
                    AlternateValues = new[]
                    {
                        "altValue",
                    },
                    CaseInsensitive = false,
                    DefaultValue = "",
                    FieldJoins = new[]
                    {
                        "and",
                    },
                    Format = "JSON",
                    FormatParameters = new[]
                    {
                        "param",
                    },
                    JoinDelimiter = "",
                    Lookups = new[]
                    {
                        new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                        {
                            Key = "tunnel-up",
                            Value = "true",
                        },
                    },
                    Name = "action",
                    SkippedValues = new[]
                    {
                        "-",
                    },
                    SplitDelimiter = ",",
                    SplitIndex = 0,
                    TimeZone = "UTC",
                    Value = "action",
                    ValueType = "constant",
                },
            },
            ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
            RecordType = "Audit",
            RelatesEntities = true,
            SkippedValues = new[]
            {
                "skipped",
            },
            StructuredInputs = new[]
            {
                new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
                {
                    EventIdPattern = "vpn",
                    LogFormat = "JSON",
                    Product = "fortinate",
                    Vendor = "fortinate",
                },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := sumologic.NewCseLogMapping(ctx, "logMapping", &sumologic.CseLogMappingArgs{
    			Enabled: pulumi.Bool(true),
    			Fields: sumologic.CseLogMappingFieldArray{
    				&sumologic.CseLogMappingFieldArgs{
    					AlternateValues: pulumi.StringArray{
    						pulumi.String("altValue"),
    					},
    					CaseInsensitive: pulumi.Bool(false),
    					DefaultValue:    pulumi.String(""),
    					FieldJoins: pulumi.StringArray{
    						pulumi.String("and"),
    					},
    					Format: pulumi.String("JSON"),
    					FormatParameters: pulumi.StringArray{
    						pulumi.String("param"),
    					},
    					JoinDelimiter: pulumi.String(""),
    					Lookups: sumologic.CseLogMappingFieldLookupArray{
    						&sumologic.CseLogMappingFieldLookupArgs{
    							Key:   pulumi.String("tunnel-up"),
    							Value: pulumi.String("true"),
    						},
    					},
    					Name: pulumi.String("action"),
    					SkippedValues: pulumi.StringArray{
    						pulumi.String("-"),
    					},
    					SplitDelimiter: pulumi.String(","),
    					SplitIndex:     pulumi.Int(0),
    					TimeZone:       pulumi.String("UTC"),
    					Value:          pulumi.String("action"),
    					ValueType:      pulumi.String("constant"),
    				},
    			},
    			ProductGuid:     pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
    			RecordType:      pulumi.String("Audit"),
    			RelatesEntities: pulumi.Bool(true),
    			SkippedValues: pulumi.StringArray{
    				pulumi.String("skipped"),
    			},
    			StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
    				&sumologic.CseLogMappingStructuredInputArgs{
    					EventIdPattern: pulumi.String("vpn"),
    					LogFormat:      pulumi.String("JSON"),
    					Product:        pulumi.String("fortinate"),
    					Vendor:         pulumi.String("fortinate"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.sumologic.CseLogMapping;
    import com.pulumi.sumologic.CseLogMappingArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()        
                .enabled(true)
                .fields(CseLogMappingFieldArgs.builder()
                    .alternateValues("altValue")
                    .caseInsensitive(false)
                    .defaultValue("")
                    .fieldJoins("and")
                    .format("JSON")
                    .formatParameters("param")
                    .joinDelimiter("")
                    .lookups(CseLogMappingFieldLookupArgs.builder()
                        .key("tunnel-up")
                        .value("true")
                        .build())
                    .name("action")
                    .skippedValues("-")
                    .splitDelimiter(",")
                    .splitIndex(0)
                    .timeZone("UTC")
                    .value("action")
                    .valueType("constant")
                    .build())
                .productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
                .recordType("Audit")
                .relatesEntities(true)
                .skippedValues("skipped")
                .structuredInputs(CseLogMappingStructuredInputArgs.builder()
                    .eventIdPattern("vpn")
                    .logFormat("JSON")
                    .product("fortinate")
                    .vendor("fortinate")
                    .build())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_sumologic as sumologic
    
    log_mapping = sumologic.CseLogMapping("logMapping",
        enabled=True,
        fields=[sumologic.CseLogMappingFieldArgs(
            alternate_values=["altValue"],
            case_insensitive=False,
            default_value="",
            field_joins=["and"],
            format="JSON",
            format_parameters=["param"],
            join_delimiter="",
            lookups=[sumologic.CseLogMappingFieldLookupArgs(
                key="tunnel-up",
                value="true",
            )],
            name="action",
            skipped_values=["-"],
            split_delimiter=",",
            split_index=0,
            time_zone="UTC",
            value="action",
            value_type="constant",
        )],
        product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
        record_type="Audit",
        relates_entities=True,
        skipped_values=["skipped"],
        structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
            event_id_pattern="vpn",
            log_format="JSON",
            product="fortinate",
            vendor="fortinate",
        )])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as sumologic from "@pulumi/sumologic";
    
    const logMapping = new sumologic.CseLogMapping("logMapping", {
        enabled: true,
        fields: [{
            alternateValues: ["altValue"],
            caseInsensitive: false,
            defaultValue: "",
            fieldJoins: ["and"],
            format: "JSON",
            formatParameters: ["param"],
            joinDelimiter: "",
            lookups: [{
                key: "tunnel-up",
                value: "true",
            }],
            name: "action",
            skippedValues: ["-"],
            splitDelimiter: ",",
            splitIndex: 0,
            timeZone: "UTC",
            value: "action",
            valueType: "constant",
        }],
        productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
        recordType: "Audit",
        relatesEntities: true,
        skippedValues: ["skipped"],
        structuredInputs: [{
            eventIdPattern: "vpn",
            logFormat: "JSON",
            product: "fortinate",
            vendor: "fortinate",
        }],
    });
    
    resources:
      logMapping:
        type: sumologic:CseLogMapping
        properties:
          enabled: true
          fields:
            - alternateValues:
                - altValue
              caseInsensitive: false
              defaultValue:
              fieldJoins:
                - and
              format: JSON
              formatParameters:
                - param
              joinDelimiter:
              lookups:
                - key: tunnel-up
                  value: 'true'
              name: action
              skippedValues:
                - '-'
              splitDelimiter: ','
              splitIndex: 0
              timeZone: UTC
              value: action
              valueType: constant
          productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
          recordType: Audit
          relatesEntities: true
          skippedValues:
            - skipped
          structuredInputs:
            - eventIdPattern: vpn
              logFormat: JSON
              product: fortinate
              vendor: fortinate
    

    Create CseLogMapping Resource

    new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);
    @overload
    def CseLogMapping(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      enabled: Optional[bool] = None,
                      fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
                      name: Optional[str] = None,
                      parent_id: Optional[str] = None,
                      product_guid: Optional[str] = None,
                      record_type: Optional[str] = None,
                      relates_entities: Optional[bool] = None,
                      skipped_values: Optional[Sequence[str]] = None,
                      structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
                      unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
    @overload
    def CseLogMapping(resource_name: str,
                      args: CseLogMappingArgs,
                      opts: Optional[ResourceOptions] = None)
    func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)
    public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
    public CseLogMapping(String name, CseLogMappingArgs args)
    public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
    
    type: sumologic:CseLogMapping
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    CseLogMapping Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CseLogMapping resource accepts the following input properties:

    Enabled bool

    Enabled flag.

    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>

    List of fields for the new log mapping. See field_schema for details.

    ProductGuid string

    Product GUID.

    RecordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    Name string

    The name of the log mapping.

    ParentId string

    The id of the parent log mapping.

    RelatesEntities bool

    Set to true to relate entities.

    SkippedValues List<string>

    List of skipped values.

    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Enabled bool

    Enabled flag.

    Fields []CseLogMappingFieldArgs

    List of fields for the new log mapping. See field_schema for details.

    ProductGuid string

    Product GUID.

    RecordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    Name string

    The name of the log mapping.

    ParentId string

    The id of the parent log mapping.

    RelatesEntities bool

    Set to true to relate entities.

    SkippedValues []string

    List of skipped values.

    StructuredInputs []CseLogMappingStructuredInputArgs

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    UnstructuredFields CseLogMappingUnstructuredFieldsArgs

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled Boolean

    Enabled flag.

    fields List<CseLogMappingField>

    List of fields for the new log mapping. See field_schema for details.

    productGuid String

    Product GUID.

    recordType String

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    name String

    The name of the log mapping.

    parentId String

    The id of the parent log mapping.

    relatesEntities Boolean

    Set to true to relate entities.

    skippedValues List<String>

    List of skipped values.

    structuredInputs List<CseLogMappingStructuredInput>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled boolean

    Enabled flag.

    fields CseLogMappingField[]

    List of fields for the new log mapping. See field_schema for details.

    productGuid string

    Product GUID.

    recordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    name string

    The name of the log mapping.

    parentId string

    The id of the parent log mapping.

    relatesEntities boolean

    Set to true to relate entities.

    skippedValues string[]

    List of skipped values.

    structuredInputs CseLogMappingStructuredInput[]

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled bool

    Enabled flag.

    fields Sequence[CseLogMappingFieldArgs]

    List of fields for the new log mapping. See field_schema for details.

    product_guid str

    Product GUID.

    record_type str

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    name str

    The name of the log mapping.

    parent_id str

    The id of the parent log mapping.

    relates_entities bool

    Set to true to relate entities.

    skipped_values Sequence[str]

    List of skipped values.

    structured_inputs Sequence[CseLogMappingStructuredInputArgs]

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructured_fields CseLogMappingUnstructuredFieldsArgs

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled Boolean

    Enabled flag.

    fields List<Property Map>

    List of fields for the new log mapping. See field_schema for details.

    productGuid String

    Product GUID.

    recordType String

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    name String

    The name of the log mapping.

    parentId String

    The id of the parent log mapping.

    relatesEntities Boolean

    Set to true to relate entities.

    skippedValues List<String>

    List of skipped values.

    structuredInputs List<Property Map>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields Property Map

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:

    Id string

    The provider-assigned unique ID for this managed resource.

    Id string

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    id string

    The provider-assigned unique ID for this managed resource.

    id str

    The provider-assigned unique ID for this managed resource.

    id String

    The provider-assigned unique ID for this managed resource.

    Look up Existing CseLogMapping Resource

    Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            enabled: Optional[bool] = None,
            fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
            name: Optional[str] = None,
            parent_id: Optional[str] = None,
            product_guid: Optional[str] = None,
            record_type: Optional[str] = None,
            relates_entities: Optional[bool] = None,
            skipped_values: Optional[Sequence[str]] = None,
            structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
            unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping
    func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)
    public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)
    public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Enabled bool

    Enabled flag.

    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>

    List of fields for the new log mapping. See field_schema for details.

    Name string

    The name of the log mapping.

    ParentId string

    The id of the parent log mapping.

    ProductGuid string

    Product GUID.

    RecordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    RelatesEntities bool

    Set to true to relate entities.

    SkippedValues List<string>

    List of skipped values.

    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Enabled bool

    Enabled flag.

    Fields []CseLogMappingFieldArgs

    List of fields for the new log mapping. See field_schema for details.

    Name string

    The name of the log mapping.

    ParentId string

    The id of the parent log mapping.

    ProductGuid string

    Product GUID.

    RecordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    RelatesEntities bool

    Set to true to relate entities.

    SkippedValues []string

    List of skipped values.

    StructuredInputs []CseLogMappingStructuredInputArgs

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    UnstructuredFields CseLogMappingUnstructuredFieldsArgs

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled Boolean

    Enabled flag.

    fields List<CseLogMappingField>

    List of fields for the new log mapping. See field_schema for details.

    name String

    The name of the log mapping.

    parentId String

    The id of the parent log mapping.

    productGuid String

    Product GUID.

    recordType String

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    relatesEntities Boolean

    Set to true to relate entities.

    skippedValues List<String>

    List of skipped values.

    structuredInputs List<CseLogMappingStructuredInput>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled boolean

    Enabled flag.

    fields CseLogMappingField[]

    List of fields for the new log mapping. See field_schema for details.

    name string

    The name of the log mapping.

    parentId string

    The id of the parent log mapping.

    productGuid string

    Product GUID.

    recordType string

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    relatesEntities boolean

    Set to true to relate entities.

    skippedValues string[]

    List of skipped values.

    structuredInputs CseLogMappingStructuredInput[]

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields CseLogMappingUnstructuredFields

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled bool

    Enabled flag.

    fields Sequence[CseLogMappingFieldArgs]

    List of fields for the new log mapping. See field_schema for details.

    name str

    The name of the log mapping.

    parent_id str

    The id of the parent log mapping.

    product_guid str

    Product GUID.

    record_type str

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    relates_entities bool

    Set to true to relate entities.

    skipped_values Sequence[str]

    List of skipped values.

    structured_inputs Sequence[CseLogMappingStructuredInputArgs]

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructured_fields CseLogMappingUnstructuredFieldsArgs

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    enabled Boolean

    Enabled flag.

    fields List<Property Map>

    List of fields for the new log mapping. See field_schema for details.

    name String

    The name of the log mapping.

    parentId String

    The id of the parent log mapping.

    productGuid String

    Product GUID.

    recordType String

    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

    relatesEntities Boolean

    Set to true to relate entities.

    skippedValues List<String>

    List of skipped values.

    structuredInputs List<Property Map>

    List of structured inputs for the new log mapping. See structured_input_schema for details.

    unstructuredFields Property Map

    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Supporting Types

    CseLogMappingField, CseLogMappingFieldArgs

    Name string

    The name of the log mapping.

    AlternateValues List<string>

    List of alternate values.

    CaseInsensitive bool

    Case insensitive flag.

    DefaultValue string

    Default value of the field.

    FieldJoins List<string>

    List of field join values.

    Format string

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    FormatParameters List<string>

    List of format parameters.

    JoinDelimiter string

    Join delimiter.

    Lookups List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldLookup>

    List of lookup key value pair for field. See lookup_schema for details.

    SkippedValues List<string>

    List of skipped values.

    SplitDelimiter string

    Split delimiter to be used. (some example: ",", "-", "|")

    SplitIndex int

    The index value to select (starting at zero)

    TimeZone string

    Time zone.

    Value string

    Lookup value.

    ValueType string

    The value type.

    Name string

    The name of the log mapping.

    AlternateValues []string

    List of alternate values.

    CaseInsensitive bool

    Case insensitive flag.

    DefaultValue string

    Default value of the field.

    FieldJoins []string

    List of field join values.

    Format string

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    FormatParameters []string

    List of format parameters.

    JoinDelimiter string

    Join delimiter.

    Lookups []CseLogMappingFieldLookup

    List of lookup key value pair for field. See lookup_schema for details.

    SkippedValues []string

    List of skipped values.

    SplitDelimiter string

    Split delimiter to be used. (some example: ",", "-", "|")

    SplitIndex int

    The index value to select (starting at zero)

    TimeZone string

    Time zone.

    Value string

    Lookup value.

    ValueType string

    The value type.

    name String

    The name of the log mapping.

    alternateValues List<String>

    List of alternate values.

    caseInsensitive Boolean

    Case insensitive flag.

    defaultValue String

    Default value of the field.

    fieldJoins List<String>

    List of field join values.

    format String

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    formatParameters List<String>

    List of format parameters.

    joinDelimiter String

    Join delimiter.

    lookups List<CseLogMappingFieldLookup>

    List of lookup key value pair for field. See lookup_schema for details.

    skippedValues List<String>

    List of skipped values.

    splitDelimiter String

    Split delimiter to be used. (some example: ",", "-", "|")

    splitIndex Integer

    The index value to select (starting at zero)

    timeZone String

    Time zone.

    value String

    Lookup value.

    valueType String

    The value type.

    name string

    The name of the log mapping.

    alternateValues string[]

    List of alternate values.

    caseInsensitive boolean

    Case insensitive flag.

    defaultValue string

    Default value of the field.

    fieldJoins string[]

    List of field join values.

    format string

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    formatParameters string[]

    List of format parameters.

    joinDelimiter string

    Join delimiter.

    lookups CseLogMappingFieldLookup[]

    List of lookup key value pair for field. See lookup_schema for details.

    skippedValues string[]

    List of skipped values.

    splitDelimiter string

    Split delimiter to be used. (some example: ",", "-", "|")

    splitIndex number

    The index value to select (starting at zero)

    timeZone string

    Time zone.

    value string

    Lookup value.

    valueType string

    The value type.

    name str

    The name of the log mapping.

    alternate_values Sequence[str]

    List of alternate values.

    case_insensitive bool

    Case insensitive flag.

    default_value str

    Default value of the field.

    field_joins Sequence[str]

    List of field join values.

    format str

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    format_parameters Sequence[str]

    List of format parameters.

    join_delimiter str

    Join delimiter.

    lookups Sequence[CseLogMappingFieldLookup]

    List of lookup key value pair for field. See lookup_schema for details.

    skipped_values Sequence[str]

    List of skipped values.

    split_delimiter str

    Split delimiter to be used. (some example: ",", "-", "|")

    split_index int

    The index value to select (starting at zero)

    time_zone str

    Time zone.

    value str

    Lookup value.

    value_type str

    The value type.

    name String

    The name of the log mapping.

    alternateValues List<String>

    List of alternate values.

    caseInsensitive Boolean

    Case insensitive flag.

    defaultValue String

    Default value of the field.

    fieldJoins List<String>

    List of field join values.

    format String

    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

    formatParameters List<String>

    List of format parameters.

    joinDelimiter String

    Join delimiter.

    lookups List<Property Map>

    List of lookup key value pair for field. See lookup_schema for details.

    skippedValues List<String>

    List of skipped values.

    splitDelimiter String

    Split delimiter to be used. (some example: ",", "-", "|")

    splitIndex Number

    The index value to select (starting at zero)

    timeZone String

    Time zone.

    value String

    Lookup value.

    valueType String

    The value type.

    CseLogMappingFieldLookup, CseLogMappingFieldLookupArgs

    Key string

    Lookup key.

    Value string

    Lookup value.

    Key string

    Lookup key.

    Value string

    Lookup value.

    key String

    Lookup key.

    value String

    Lookup value.

    key string

    Lookup key.

    value string

    Lookup value.

    key str

    Lookup key.

    value str

    Lookup value.

    key String

    Lookup key.

    value String

    Lookup value.

    CseLogMappingStructuredInput, CseLogMappingStructuredInputArgs

    EventIdPattern string

    Event id pattern.

    LogFormat string

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    Product string

    Product name.

    Vendor string

    Vendor name.

    EventIdPattern string

    Event id pattern.

    LogFormat string

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    Product string

    Product name.

    Vendor string

    Vendor name.

    eventIdPattern String

    Event id pattern.

    logFormat String

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    product String

    Product name.

    vendor String

    Vendor name.

    eventIdPattern string

    Event id pattern.

    logFormat string

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    product string

    Product name.

    vendor string

    Vendor name.

    event_id_pattern str

    Event id pattern.

    log_format str

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    product str

    Product name.

    vendor str

    Vendor name.

    eventIdPattern String

    Event id pattern.

    logFormat String

    Log format. (JSON, Windows, Syslog, CEF, LEEF )

    product String

    Product name.

    vendor String

    Vendor name.

    CseLogMappingUnstructuredFields, CseLogMappingUnstructuredFieldsArgs

    PatternNames List<string>

    List of grok pattern names.

    The following attributes are exported:

    PatternNames []string

    List of grok pattern names.

    The following attributes are exported:

    patternNames List<String>

    List of grok pattern names.

    The following attributes are exported:

    patternNames string[]

    List of grok pattern names.

    The following attributes are exported:

    pattern_names Sequence[str]

    List of grok pattern names.

    The following attributes are exported:

    patternNames List<String>

    List of grok pattern names.

    The following attributes are exported:

    Import

    Log Mapping can be imported using the field id, e.g.hcl

     $ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
    

    Package Details

    Repository
    Sumo Logic pulumi/pulumi-sumologic
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the sumologic Terraform Provider.

    sumologic logo
    Sumo Logic v0.20.0 published on Monday, Nov 27, 2023 by Pulumi