CseLogMapping

Provides a Sumologic CSE Log Mapping.

Example Usage

using System.Collections.Generic;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;

return await Deployment.RunAsync(() => 
{
    var logMapping = new SumoLogic.CseLogMapping("logMapping", new()
    {
        Enabled = true,
        Fields = new[]
        {
            new SumoLogic.Inputs.CseLogMappingFieldArgs
            {
                AlternateValues = new[]
                {
                    "altValue",
                },
                CaseInsensitive = false,
                DefaultValue = "",
                FieldJoins = new[]
                {
                    "and",
                },
                Format = "JSON",
                FormatParameters = new[]
                {
                    "param",
                },
                JoinDelimiter = "",
                Lookups = new[]
                {
                    new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                    {
                        Key = "tunnel-up",
                        Value = "true",
                    },
                },
                Name = "action",
                SkippedValues = new[]
                {
                    "-",
                },
                SplitDelimiter = ",",
                SplitIndex = 0,
                TimeZone = "UTC",
                Value = "action",
                ValueType = "constant",
            },
        },
        ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
        RecordType = "Audit",
        RelatesEntities = true,
        SkippedValues = new[]
        {
            "skipped",
        },
        StructuredInputs = new[]
        {
            new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
            {
                EventIdPattern = "vpn",
                LogFormat = "JSON",
                Product = "fortinate",
                Vendor = "fortinate",
            },
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sumologic.NewCseLogMapping(ctx, "logMapping", &sumologic.CseLogMappingArgs{
			Enabled: pulumi.Bool(true),
			Fields: CseLogMappingFieldArray{
				&CseLogMappingFieldArgs{
					AlternateValues: pulumi.StringArray{
						pulumi.String("altValue"),
					},
					CaseInsensitive: pulumi.Bool(false),
					DefaultValue:    pulumi.String(""),
					FieldJoins: pulumi.StringArray{
						pulumi.String("and"),
					},
					Format: pulumi.String("JSON"),
					FormatParameters: pulumi.StringArray{
						pulumi.String("param"),
					},
					JoinDelimiter: pulumi.String(""),
					Lookups: CseLogMappingFieldLookupArray{
						&CseLogMappingFieldLookupArgs{
							Key:   pulumi.String("tunnel-up"),
							Value: pulumi.String("true"),
						},
					},
					Name: pulumi.String("action"),
					SkippedValues: pulumi.StringArray{
						pulumi.String("-"),
					},
					SplitDelimiter: pulumi.String(","),
					SplitIndex:     pulumi.Int(0),
					TimeZone:       pulumi.String("UTC"),
					Value:          pulumi.String("action"),
					ValueType:      pulumi.String("constant"),
				},
			},
			ProductGuid:     pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
			RecordType:      pulumi.String("Audit"),
			RelatesEntities: pulumi.Bool(true),
			SkippedValues: pulumi.StringArray{
				pulumi.String("skipped"),
			},
			StructuredInputs: CseLogMappingStructuredInputArray{
				&CseLogMappingStructuredInputArgs{
					EventIdPattern: pulumi.String("vpn"),
					LogFormat:      pulumi.String("JSON"),
					Product:        pulumi.String("fortinate"),
					Vendor:         pulumi.String("fortinate"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseLogMapping;
import com.pulumi.sumologic.CseLogMappingArgs;
import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()        
            .enabled(true)
            .fields(CseLogMappingFieldArgs.builder()
                .alternateValues("altValue")
                .caseInsensitive(false)
                .defaultValue("")
                .fieldJoins("and")
                .format("JSON")
                .formatParameters("param")
                .joinDelimiter("")
                .lookups(CseLogMappingFieldLookupArgs.builder()
                    .key("tunnel-up")
                    .value("true")
                    .build())
                .name("action")
                .skippedValues("-")
                .splitDelimiter(",")
                .splitIndex(0)
                .timeZone("UTC")
                .value("action")
                .valueType("constant")
                .build())
            .productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
            .recordType("Audit")
            .relatesEntities(true)
            .skippedValues("skipped")
            .structuredInputs(CseLogMappingStructuredInputArgs.builder()
                .eventIdPattern("vpn")
                .logFormat("JSON")
                .product("fortinate")
                .vendor("fortinate")
                .build())
            .build());

    }
}
import pulumi
import pulumi_sumologic as sumologic

log_mapping = sumologic.CseLogMapping("logMapping",
    enabled=True,
    fields=[sumologic.CseLogMappingFieldArgs(
        alternate_values=["altValue"],
        case_insensitive=False,
        default_value="",
        field_joins=["and"],
        format="JSON",
        format_parameters=["param"],
        join_delimiter="",
        lookups=[sumologic.CseLogMappingFieldLookupArgs(
            key="tunnel-up",
            value="true",
        )],
        name="action",
        skipped_values=["-"],
        split_delimiter=",",
        split_index=0,
        time_zone="UTC",
        value="action",
        value_type="constant",
    )],
    product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
    record_type="Audit",
    relates_entities=True,
    skipped_values=["skipped"],
    structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
        event_id_pattern="vpn",
        log_format="JSON",
        product="fortinate",
        vendor="fortinate",
    )])
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";

const logMapping = new sumologic.CseLogMapping("log_mapping", {
    enabled: true,
    fields: [{
        alternateValues: ["altValue"],
        caseInsensitive: false,
        defaultValue: "",
        fieldJoins: ["and"],
        format: "JSON",
        formatParameters: ["param"],
        joinDelimiter: "",
        lookups: [{
            key: "tunnel-up",
            value: "true",
        }],
        name: "action",
        skippedValues: ["-"],
        splitDelimiter: ",",
        splitIndex: 0,
        timeZone: "UTC",
        value: "action",
        valueType: "constant",
    }],
    productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
    recordType: "Audit",
    relatesEntities: true,
    skippedValues: ["skipped"],
    structuredInputs: [{
        eventIdPattern: "vpn",
        logFormat: "JSON",
        product: "fortinate",
        vendor: "fortinate",
    }],
});
resources:
  logMapping:
    type: sumologic:CseLogMapping
    properties:
      enabled: true
      fields:
        - alternateValues:
            - altValue
          caseInsensitive: false
          defaultValue:
          fieldJoins:
            - and
          format: JSON
          formatParameters:
            - param
          joinDelimiter:
          lookups:
            - key: tunnel-up
              value: true
          name: action
          skippedValues:
            - '-'
          splitDelimiter: ','
          splitIndex: 0
          timeZone: UTC
          value: action
          valueType: constant
      productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
      recordType: Audit
      relatesEntities: true
      skippedValues:
        - skipped
      structuredInputs:
        - eventIdPattern: vpn
          logFormat: JSON
          product: fortinate
          vendor: fortinate

Create CseLogMapping Resource

new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);
@overload
def CseLogMapping(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  enabled: Optional[bool] = None,
                  fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
                  name: Optional[str] = None,
                  parent_id: Optional[str] = None,
                  product_guid: Optional[str] = None,
                  record_type: Optional[str] = None,
                  relates_entities: Optional[bool] = None,
                  skipped_values: Optional[Sequence[str]] = None,
                  structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
                  unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
@overload
def CseLogMapping(resource_name: str,
                  args: CseLogMappingArgs,
                  opts: Optional[ResourceOptions] = None)
func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)
public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
public CseLogMapping(String name, CseLogMappingArgs args)
public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
type: sumologic:CseLogMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args CseLogMappingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args CseLogMappingArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args CseLogMappingArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args CseLogMappingArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args CseLogMappingArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

CseLogMapping Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The CseLogMapping resource accepts the following input properties:

Enabled bool

Enabled flag.

Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldArgs>

List of fields for the new log mapping. See field_schema for details.

ProductGuid string

Product GUID.

RecordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

Name string

Name of the field.

ParentId string

The id of the parent log mapping.

RelatesEntities bool

Set to true to relate entities.

SkippedValues List<string>

List of skipped values.

StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInputArgs>

List of structured inputs for the new log mapping. See structured_input_schema for details.

UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Enabled bool

Enabled flag.

Fields []CseLogMappingFieldArgs

List of fields for the new log mapping. See field_schema for details.

ProductGuid string

Product GUID.

RecordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

Name string

Name of the field.

ParentId string

The id of the parent log mapping.

RelatesEntities bool

Set to true to relate entities.

SkippedValues []string

List of skipped values.

StructuredInputs []CseLogMappingStructuredInputArgs

List of structured inputs for the new log mapping. See structured_input_schema for details.

UnstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean

Enabled flag.

fields List<CseLogMappingFieldArgs>

List of fields for the new log mapping. See field_schema for details.

productGuid String

Product GUID.

recordType String

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

name String

Name of the field.

parentId String

The id of the parent log mapping.

relatesEntities Boolean

Set to true to relate entities.

skippedValues List<String>

List of skipped values.

structuredInputs List<CseLogMappingStructuredInputArgs>

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled boolean

Enabled flag.

fields CseLogMappingFieldArgs[]

List of fields for the new log mapping. See field_schema for details.

productGuid string

Product GUID.

recordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

name string

Name of the field.

parentId string

The id of the parent log mapping.

relatesEntities boolean

Set to true to relate entities.

skippedValues string[]

List of skipped values.

structuredInputs CseLogMappingStructuredInputArgs[]

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled bool

Enabled flag.

fields Sequence[CseLogMappingFieldArgs]

List of fields for the new log mapping. See field_schema for details.

product_guid str

Product GUID.

record_type str

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

name str

Name of the field.

parent_id str

The id of the parent log mapping.

relates_entities bool

Set to true to relate entities.

skipped_values Sequence[str]

List of skipped values.

structured_inputs Sequence[CseLogMappingStructuredInputArgs]

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructured_fields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean

Enabled flag.

fields List<Property Map>

List of fields for the new log mapping. See field_schema for details.

productGuid String

Product GUID.

recordType String

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

name String

Name of the field.

parentId String

The id of the parent log mapping.

relatesEntities Boolean

Set to true to relate entities.

skippedValues List<String>

List of skipped values.

structuredInputs List<Property Map>

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields Property Map

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Outputs

All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing CseLogMapping Resource

Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        enabled: Optional[bool] = None,
        fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
        name: Optional[str] = None,
        parent_id: Optional[str] = None,
        product_guid: Optional[str] = None,
        record_type: Optional[str] = None,
        relates_entities: Optional[bool] = None,
        skipped_values: Optional[Sequence[str]] = None,
        structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
        unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping
func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)
public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)
public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Enabled bool

Enabled flag.

Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldArgs>

List of fields for the new log mapping. See field_schema for details.

Name string

Name of the field.

ParentId string

The id of the parent log mapping.

ProductGuid string

Product GUID.

RecordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

RelatesEntities bool

Set to true to relate entities.

SkippedValues List<string>

List of skipped values.

StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInputArgs>

List of structured inputs for the new log mapping. See structured_input_schema for details.

UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Enabled bool

Enabled flag.

Fields []CseLogMappingFieldArgs

List of fields for the new log mapping. See field_schema for details.

Name string

Name of the field.

ParentId string

The id of the parent log mapping.

ProductGuid string

Product GUID.

RecordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

RelatesEntities bool

Set to true to relate entities.

SkippedValues []string

List of skipped values.

StructuredInputs []CseLogMappingStructuredInputArgs

List of structured inputs for the new log mapping. See structured_input_schema for details.

UnstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean

Enabled flag.

fields List<CseLogMappingFieldArgs>

List of fields for the new log mapping. See field_schema for details.

name String

Name of the field.

parentId String

The id of the parent log mapping.

productGuid String

Product GUID.

recordType String

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

relatesEntities Boolean

Set to true to relate entities.

skippedValues List<String>

List of skipped values.

structuredInputs List<CseLogMappingStructuredInputArgs>

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled boolean

Enabled flag.

fields CseLogMappingFieldArgs[]

List of fields for the new log mapping. See field_schema for details.

name string

Name of the field.

parentId string

The id of the parent log mapping.

productGuid string

Product GUID.

recordType string

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

relatesEntities boolean

Set to true to relate entities.

skippedValues string[]

List of skipped values.

structuredInputs CseLogMappingStructuredInputArgs[]

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled bool

Enabled flag.

fields Sequence[CseLogMappingFieldArgs]

List of fields for the new log mapping. See field_schema for details.

name str

Name of the field.

parent_id str

The id of the parent log mapping.

product_guid str

Product GUID.

record_type str

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

relates_entities bool

Set to true to relate entities.

skipped_values Sequence[str]

List of skipped values.

structured_inputs Sequence[CseLogMappingStructuredInputArgs]

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructured_fields CseLogMappingUnstructuredFieldsArgs

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean

Enabled flag.

fields List<Property Map>

List of fields for the new log mapping. See field_schema for details.

name String

Name of the field.

parentId String

The id of the parent log mapping.

productGuid String

Product GUID.

recordType String

The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)

relatesEntities Boolean

Set to true to relate entities.

skippedValues List<String>

List of skipped values.

structuredInputs List<Property Map>

List of structured inputs for the new log mapping. See structured_input_schema for details.

unstructuredFields Property Map

Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Supporting Types

CseLogMappingField

Name string

Name of the field.

AlternateValues List<string>

List of alternate values.

CaseInsensitive bool

Case insensitive flag.

DefaultValue string

Default value of the field.

FieldJoins List<string>

List of field join values.

Format string

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

FormatParameters List<string>

List of format parameters.

JoinDelimiter string

Join delimiter.

Lookups List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldLookup>

List of lookup key value pair for field. See lookup_schema for details.

SkippedValues List<string>

List of skipped values.

SplitDelimiter string

Split delimiter to be used. (some example: ",", "-", "|")

SplitIndex int

The index value to select (starting at zero)

TimeZone string

Time zone.

Value string

Lookup value.

ValueType string

The value type.

Name string

Name of the field.

AlternateValues []string

List of alternate values.

CaseInsensitive bool

Case insensitive flag.

DefaultValue string

Default value of the field.

FieldJoins []string

List of field join values.

Format string

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

FormatParameters []string

List of format parameters.

JoinDelimiter string

Join delimiter.

Lookups []CseLogMappingFieldLookup

List of lookup key value pair for field. See lookup_schema for details.

SkippedValues []string

List of skipped values.

SplitDelimiter string

Split delimiter to be used. (some example: ",", "-", "|")

SplitIndex int

The index value to select (starting at zero)

TimeZone string

Time zone.

Value string

Lookup value.

ValueType string

The value type.

name String

Name of the field.

alternateValues List<String>

List of alternate values.

caseInsensitive Boolean

Case insensitive flag.

defaultValue String

Default value of the field.

fieldJoins List<String>

List of field join values.

format String

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

formatParameters List<String>

List of format parameters.

joinDelimiter String

Join delimiter.

lookups List<CseLogMappingFieldLookup>

List of lookup key value pair for field. See lookup_schema for details.

skippedValues List<String>

List of skipped values.

splitDelimiter String

Split delimiter to be used. (some example: ",", "-", "|")

splitIndex Integer

The index value to select (starting at zero)

timeZone String

Time zone.

value String

Lookup value.

valueType String

The value type.

name string

Name of the field.

alternateValues string[]

List of alternate values.

caseInsensitive boolean

Case insensitive flag.

defaultValue string

Default value of the field.

fieldJoins string[]

List of field join values.

format string

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

formatParameters string[]

List of format parameters.

joinDelimiter string

Join delimiter.

lookups CseLogMappingFieldLookup[]

List of lookup key value pair for field. See lookup_schema for details.

skippedValues string[]

List of skipped values.

splitDelimiter string

Split delimiter to be used. (some example: ",", "-", "|")

splitIndex number

The index value to select (starting at zero)

timeZone string

Time zone.

value string

Lookup value.

valueType string

The value type.

name str

Name of the field.

alternate_values Sequence[str]

List of alternate values.

case_insensitive bool

Case insensitive flag.

default_value str

Default value of the field.

field_joins Sequence[str]

List of field join values.

format str

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

format_parameters Sequence[str]

List of format parameters.

join_delimiter str

Join delimiter.

lookups Sequence[CseLogMappingFieldLookup]

List of lookup key value pair for field. See lookup_schema for details.

skipped_values Sequence[str]

List of skipped values.

split_delimiter str

Split delimiter to be used. (some example: ",", "-", "|")

split_index int

The index value to select (starting at zero)

time_zone str

Time zone.

value str

Lookup value.

value_type str

The value type.

name String

Name of the field.

alternateValues List<String>

List of alternate values.

caseInsensitive Boolean

Case insensitive flag.

defaultValue String

Default value of the field.

fieldJoins List<String>

List of field join values.

format String

Format of the field. (JSON, Windows, Syslog, CEF, LEEF )

formatParameters List<String>

List of format parameters.

joinDelimiter String

Join delimiter.

lookups List<Property Map>

List of lookup key value pair for field. See lookup_schema for details.

skippedValues List<String>

List of skipped values.

splitDelimiter String

Split delimiter to be used. (some example: ",", "-", "|")

splitIndex Number

The index value to select (starting at zero)

timeZone String

Time zone.

value String

Lookup value.

valueType String

The value type.

CseLogMappingFieldLookup

Key string

Lookup key.

Value string

Lookup value.

Key string

Lookup key.

Value string

Lookup value.

key String

Lookup key.

value String

Lookup value.

key string

Lookup key.

value string

Lookup value.

key str

Lookup key.

value str

Lookup value.

key String

Lookup key.

value String

Lookup value.

CseLogMappingStructuredInput

EventIdPattern string

Event id pattern.

LogFormat string

Log format. (JSON, Windows, Syslog, CEF, LEEF )

Product string

Product name.

Vendor string

Vendor name.

EventIdPattern string

Event id pattern.

LogFormat string

Log format. (JSON, Windows, Syslog, CEF, LEEF )

Product string

Product name.

Vendor string

Vendor name.

eventIdPattern String

Event id pattern.

logFormat String

Log format. (JSON, Windows, Syslog, CEF, LEEF )

product String

Product name.

vendor String

Vendor name.

eventIdPattern string

Event id pattern.

logFormat string

Log format. (JSON, Windows, Syslog, CEF, LEEF )

product string

Product name.

vendor string

Vendor name.

event_id_pattern str

Event id pattern.

log_format str

Log format. (JSON, Windows, Syslog, CEF, LEEF )

product str

Product name.

vendor str

Vendor name.

eventIdPattern String

Event id pattern.

logFormat String

Log format. (JSON, Windows, Syslog, CEF, LEEF )

product String

Product name.

vendor String

Vendor name.

CseLogMappingUnstructuredFields

PatternNames List<string>

List of grok pattern names.

PatternNames []string

List of grok pattern names.

patternNames List<String>

List of grok pattern names.

patternNames string[]

List of grok pattern names.

pattern_names Sequence[str]

List of grok pattern names.

patternNames List<String>

List of grok pattern names.

Import

Log Mapping can be imported using the field id, e.g.hcl

 $ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id

Package Details

Repository
https://github.com/pulumi/pulumi-sumologic
License
Apache-2.0
Notes

This Pulumi package is based on the sumologic Terraform Provider.