sumologic.CseLogMapping
Explore with Pulumi AI
Provides a Sumologic CSE Log Mapping.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const logMapping = new sumologic.CseLogMapping("log_mapping", {
name: "New Log Mapping",
productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
recordType: "Audit",
enabled: true,
relatesEntities: true,
skippedValues: ["skipped"],
fields: [{
name: "action",
value: "action",
valueType: "constant",
skippedValues: ["-"],
defaultValue: "",
format: "JSON",
caseInsensitive: false,
alternateValues: ["altValue"],
timeZone: "UTC",
splitDelimiter: ",",
splitIndex: 0,
fieldJoins: ["and"],
joinDelimiter: "",
formatParameters: ["param"],
lookups: [{
key: "tunnel-up",
value: "true",
}],
}],
structuredInputs: [{
eventIdPattern: "vpn",
logFormat: "JSON",
product: "fortinate",
vendor: "fortinate",
}],
});
import pulumi
import pulumi_sumologic as sumologic
log_mapping = sumologic.CseLogMapping("log_mapping",
name="New Log Mapping",
product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
record_type="Audit",
enabled=True,
relates_entities=True,
skipped_values=["skipped"],
fields=[{
"name": "action",
"value": "action",
"value_type": "constant",
"skipped_values": ["-"],
"default_value": "",
"format": "JSON",
"case_insensitive": False,
"alternate_values": ["altValue"],
"time_zone": "UTC",
"split_delimiter": ",",
"split_index": 0,
"field_joins": ["and"],
"join_delimiter": "",
"format_parameters": ["param"],
"lookups": [{
"key": "tunnel-up",
"value": "true",
}],
}],
structured_inputs=[{
"event_id_pattern": "vpn",
"log_format": "JSON",
"product": "fortinate",
"vendor": "fortinate",
}])
package main
import (
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sumologic.NewCseLogMapping(ctx, "log_mapping", &sumologic.CseLogMappingArgs{
Name: pulumi.String("New Log Mapping"),
ProductGuid: pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
RecordType: pulumi.String("Audit"),
Enabled: pulumi.Bool(true),
RelatesEntities: pulumi.Bool(true),
SkippedValues: pulumi.StringArray{
pulumi.String("skipped"),
},
Fields: sumologic.CseLogMappingFieldArray{
&sumologic.CseLogMappingFieldArgs{
Name: pulumi.String("action"),
Value: pulumi.String("action"),
ValueType: pulumi.String("constant"),
SkippedValues: pulumi.StringArray{
pulumi.String("-"),
},
DefaultValue: pulumi.String(""),
Format: pulumi.String("JSON"),
CaseInsensitive: pulumi.Bool(false),
AlternateValues: pulumi.StringArray{
pulumi.String("altValue"),
},
TimeZone: pulumi.String("UTC"),
SplitDelimiter: pulumi.String(","),
SplitIndex: pulumi.Int(0),
FieldJoins: pulumi.StringArray{
pulumi.String("and"),
},
JoinDelimiter: pulumi.String(""),
FormatParameters: pulumi.StringArray{
pulumi.String("param"),
},
Lookups: sumologic.CseLogMappingFieldLookupArray{
&sumologic.CseLogMappingFieldLookupArgs{
Key: pulumi.String("tunnel-up"),
Value: pulumi.String("true"),
},
},
},
},
StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
&sumologic.CseLogMappingStructuredInputArgs{
EventIdPattern: pulumi.String("vpn"),
LogFormat: pulumi.String("JSON"),
Product: pulumi.String("fortinate"),
Vendor: pulumi.String("fortinate"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var logMapping = new SumoLogic.CseLogMapping("log_mapping", new()
{
Name = "New Log Mapping",
ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
RecordType = "Audit",
Enabled = true,
RelatesEntities = true,
SkippedValues = new[]
{
"skipped",
},
Fields = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldArgs
{
Name = "action",
Value = "action",
ValueType = "constant",
SkippedValues = new[]
{
"-",
},
DefaultValue = "",
Format = "JSON",
CaseInsensitive = false,
AlternateValues = new[]
{
"altValue",
},
TimeZone = "UTC",
SplitDelimiter = ",",
SplitIndex = 0,
FieldJoins = new[]
{
"and",
},
JoinDelimiter = "",
FormatParameters = new[]
{
"param",
},
Lookups = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
{
Key = "tunnel-up",
Value = "true",
},
},
},
},
StructuredInputs = new[]
{
new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
{
EventIdPattern = "vpn",
LogFormat = "JSON",
Product = "fortinate",
Vendor = "fortinate",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseLogMapping;
import com.pulumi.sumologic.CseLogMappingArgs;
import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
.name("New Log Mapping")
.productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
.recordType("Audit")
.enabled(true)
.relatesEntities(true)
.skippedValues("skipped")
.fields(CseLogMappingFieldArgs.builder()
.name("action")
.value("action")
.valueType("constant")
.skippedValues("-")
.defaultValue("")
.format("JSON")
.caseInsensitive(false)
.alternateValues("altValue")
.timeZone("UTC")
.splitDelimiter(",")
.splitIndex(0)
.fieldJoins("and")
.joinDelimiter("")
.formatParameters("param")
.lookups(CseLogMappingFieldLookupArgs.builder()
.key("tunnel-up")
.value("true")
.build())
.build())
.structuredInputs(CseLogMappingStructuredInputArgs.builder()
.eventIdPattern("vpn")
.logFormat("JSON")
.product("fortinate")
.vendor("fortinate")
.build())
.build());
}
}
resources:
logMapping:
type: sumologic:CseLogMapping
name: log_mapping
properties:
name: New Log Mapping
productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
recordType: Audit
enabled: true
relatesEntities: true
skippedValues:
- skipped
fields:
- name: action
value: action
valueType: constant
skippedValues:
- '-'
defaultValue:
format: JSON
caseInsensitive: false
alternateValues:
- altValue
timeZone: UTC
splitDelimiter: ','
splitIndex: 0
fieldJoins:
- and
joinDelimiter:
formatParameters:
- param
lookups:
- key: tunnel-up
value: 'true'
structuredInputs:
- eventIdPattern: vpn
logFormat: JSON
product: fortinate
vendor: fortinate
Create CseLogMapping Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);
@overload
def CseLogMapping(resource_name: str,
args: CseLogMappingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CseLogMapping(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)
public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
public CseLogMapping(String name, CseLogMappingArgs args)
public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
type: sumologic:CseLogMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cseLogMappingResource = new SumoLogic.CseLogMapping("cseLogMappingResource", new()
{
Enabled = false,
Fields = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldArgs
{
Name = "string",
JoinDelimiter = "string",
CaseInsensitive = false,
FieldJoins = new[]
{
"string",
},
Format = "string",
FormatParameters = new[]
{
"string",
},
AlternateValues = new[]
{
"string",
},
Lookups = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
{
Key = "string",
Value = "string",
},
},
DefaultValue = "string",
SkippedValues = new[]
{
"string",
},
SplitDelimiter = "string",
SplitIndex = 0,
TimeZone = "string",
Value = "string",
ValueType = "string",
},
},
ProductGuid = "string",
RecordType = "string",
Name = "string",
ParentId = "string",
RelatesEntities = false,
SkippedValues = new[]
{
"string",
},
StructuredInputs = new[]
{
new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
{
EventIdPattern = "string",
LogFormat = "string",
Product = "string",
Vendor = "string",
},
},
UnstructuredFields = new SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs
{
PatternNames = new[]
{
"string",
},
},
});
example, err := sumologic.NewCseLogMapping(ctx, "cseLogMappingResource", &sumologic.CseLogMappingArgs{
Enabled: pulumi.Bool(false),
Fields: sumologic.CseLogMappingFieldArray{
&sumologic.CseLogMappingFieldArgs{
Name: pulumi.String("string"),
JoinDelimiter: pulumi.String("string"),
CaseInsensitive: pulumi.Bool(false),
FieldJoins: pulumi.StringArray{
pulumi.String("string"),
},
Format: pulumi.String("string"),
FormatParameters: pulumi.StringArray{
pulumi.String("string"),
},
AlternateValues: pulumi.StringArray{
pulumi.String("string"),
},
Lookups: sumologic.CseLogMappingFieldLookupArray{
&sumologic.CseLogMappingFieldLookupArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
DefaultValue: pulumi.String("string"),
SkippedValues: pulumi.StringArray{
pulumi.String("string"),
},
SplitDelimiter: pulumi.String("string"),
SplitIndex: pulumi.Int(0),
TimeZone: pulumi.String("string"),
Value: pulumi.String("string"),
ValueType: pulumi.String("string"),
},
},
ProductGuid: pulumi.String("string"),
RecordType: pulumi.String("string"),
Name: pulumi.String("string"),
ParentId: pulumi.String("string"),
RelatesEntities: pulumi.Bool(false),
SkippedValues: pulumi.StringArray{
pulumi.String("string"),
},
StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
&sumologic.CseLogMappingStructuredInputArgs{
EventIdPattern: pulumi.String("string"),
LogFormat: pulumi.String("string"),
Product: pulumi.String("string"),
Vendor: pulumi.String("string"),
},
},
UnstructuredFields: &sumologic.CseLogMappingUnstructuredFieldsArgs{
PatternNames: pulumi.StringArray{
pulumi.String("string"),
},
},
})
var cseLogMappingResource = new CseLogMapping("cseLogMappingResource", CseLogMappingArgs.builder()
.enabled(false)
.fields(CseLogMappingFieldArgs.builder()
.name("string")
.joinDelimiter("string")
.caseInsensitive(false)
.fieldJoins("string")
.format("string")
.formatParameters("string")
.alternateValues("string")
.lookups(CseLogMappingFieldLookupArgs.builder()
.key("string")
.value("string")
.build())
.defaultValue("string")
.skippedValues("string")
.splitDelimiter("string")
.splitIndex(0)
.timeZone("string")
.value("string")
.valueType("string")
.build())
.productGuid("string")
.recordType("string")
.name("string")
.parentId("string")
.relatesEntities(false)
.skippedValues("string")
.structuredInputs(CseLogMappingStructuredInputArgs.builder()
.eventIdPattern("string")
.logFormat("string")
.product("string")
.vendor("string")
.build())
.unstructuredFields(CseLogMappingUnstructuredFieldsArgs.builder()
.patternNames("string")
.build())
.build());
cse_log_mapping_resource = sumologic.CseLogMapping("cseLogMappingResource",
enabled=False,
fields=[sumologic.CseLogMappingFieldArgs(
name="string",
join_delimiter="string",
case_insensitive=False,
field_joins=["string"],
format="string",
format_parameters=["string"],
alternate_values=["string"],
lookups=[sumologic.CseLogMappingFieldLookupArgs(
key="string",
value="string",
)],
default_value="string",
skipped_values=["string"],
split_delimiter="string",
split_index=0,
time_zone="string",
value="string",
value_type="string",
)],
product_guid="string",
record_type="string",
name="string",
parent_id="string",
relates_entities=False,
skipped_values=["string"],
structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
event_id_pattern="string",
log_format="string",
product="string",
vendor="string",
)],
unstructured_fields=sumologic.CseLogMappingUnstructuredFieldsArgs(
pattern_names=["string"],
))
const cseLogMappingResource = new sumologic.CseLogMapping("cseLogMappingResource", {
enabled: false,
fields: [{
name: "string",
joinDelimiter: "string",
caseInsensitive: false,
fieldJoins: ["string"],
format: "string",
formatParameters: ["string"],
alternateValues: ["string"],
lookups: [{
key: "string",
value: "string",
}],
defaultValue: "string",
skippedValues: ["string"],
splitDelimiter: "string",
splitIndex: 0,
timeZone: "string",
value: "string",
valueType: "string",
}],
productGuid: "string",
recordType: "string",
name: "string",
parentId: "string",
relatesEntities: false,
skippedValues: ["string"],
structuredInputs: [{
eventIdPattern: "string",
logFormat: "string",
product: "string",
vendor: "string",
}],
unstructuredFields: {
patternNames: ["string"],
},
});
type: sumologic:CseLogMapping
properties:
enabled: false
fields:
- alternateValues:
- string
caseInsensitive: false
defaultValue: string
fieldJoins:
- string
format: string
formatParameters:
- string
joinDelimiter: string
lookups:
- key: string
value: string
name: string
skippedValues:
- string
splitDelimiter: string
splitIndex: 0
timeZone: string
value: string
valueType: string
name: string
parentId: string
productGuid: string
recordType: string
relatesEntities: false
skippedValues:
- string
structuredInputs:
- eventIdPattern: string
logFormat: string
product: string
vendor: string
unstructuredFields:
patternNames:
- string
CseLogMapping Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CseLogMapping resource accepts the following input properties:
- Enabled bool
- Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values List<string> - List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
- Enabled flag.
- Fields
[]Cse
Log Mapping Field Args - List of fields for the new log mapping. See field_schema for details.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values []string - List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields
List<Cse
Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
- Enabled flag.
- fields
Cse
Log Mapping Field[] - List of fields for the new log mapping. See field_schema for details.
- product
Guid string - Product GUID.
- record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name string
- The name of the log mapping.
- parent
Id string - The id of the parent log mapping.
- relates
Entities boolean - Set to true to relate entities.
- skipped
Values string[] - List of skipped values.
- structured
Inputs CseLog Mapping Structured Input[] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
- Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] - List of fields for the new log mapping. See field_schema for details.
- product_
guid str - Product GUID.
- record_
type str - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name str
- The name of the log mapping.
- parent_
id str - The id of the parent log mapping.
- relates_
entities bool - Set to true to relate entities.
- skipped_
values Sequence[str] - List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields List<Property Map>
- List of fields for the new log mapping. See field_schema for details.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<Property Map> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CseLogMapping Resource
Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping
func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)
public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)
public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Enabled bool
- Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values List<string> - List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
- Enabled flag.
- Fields
[]Cse
Log Mapping Field Args - List of fields for the new log mapping. See field_schema for details.
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values []string - List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields
List<Cse
Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
- Enabled flag.
- fields
Cse
Log Mapping Field[] - List of fields for the new log mapping. See field_schema for details.
- name string
- The name of the log mapping.
- parent
Id string - The id of the parent log mapping.
- product
Guid string - Product GUID.
- record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities boolean - Set to true to relate entities.
- skipped
Values string[] - List of skipped values.
- structured
Inputs CseLog Mapping Structured Input[] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
- Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] - List of fields for the new log mapping. See field_schema for details.
- name str
- The name of the log mapping.
- parent_
id str - The id of the parent log mapping.
- product_
guid str - Product GUID.
- record_
type str - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates_
entities bool - Set to true to relate entities.
- skipped_
values Sequence[str] - List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields List<Property Map>
- List of fields for the new log mapping. See field_schema for details.
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<Property Map> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Supporting Types
CseLogMappingField, CseLogMappingFieldArgs
- Name string
- The name of the log mapping.
- Alternate
Values List<string> - List of alternate values.
- Case
Insensitive bool - Case insensitive flag.
- Default
Value string - Default value of the field.
- Field
Joins List<string> - List of field join values.
- Format string
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- Format
Parameters List<string> - List of format parameters.
- Join
Delimiter string - Join delimiter.
- Lookups
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field Lookup> - List of lookup key value pair for field. See lookup_schema for details.
- Skipped
Values List<string> - List of skipped values.
- Split
Delimiter string - Split delimiter to be used. (some example: ",", "-", "|")
- Split
Index int - The index value to select (starting at zero)
- Time
Zone string - Time zone.
- Value string
- Lookup value.
- Value
Type string - The value type.
- Name string
- The name of the log mapping.
- Alternate
Values []string - List of alternate values.
- Case
Insensitive bool - Case insensitive flag.
- Default
Value string - Default value of the field.
- Field
Joins []string - List of field join values.
- Format string
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- Format
Parameters []string - List of format parameters.
- Join
Delimiter string - Join delimiter.
- Lookups
[]Cse
Log Mapping Field Lookup - List of lookup key value pair for field. See lookup_schema for details.
- Skipped
Values []string - List of skipped values.
- Split
Delimiter string - Split delimiter to be used. (some example: ",", "-", "|")
- Split
Index int - The index value to select (starting at zero)
- Time
Zone string - Time zone.
- Value string
- Lookup value.
- Value
Type string - The value type.
- name String
- The name of the log mapping.
- alternate
Values List<String> - List of alternate values.
- case
Insensitive Boolean - Case insensitive flag.
- default
Value String - Default value of the field.
- field
Joins List<String> - List of field join values.
- format String
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters List<String> - List of format parameters.
- join
Delimiter String - Join delimiter.
- lookups
List<Cse
Log Mapping Field Lookup> - List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values List<String> - List of skipped values.
- split
Delimiter String - Split delimiter to be used. (some example: ",", "-", "|")
- split
Index Integer - The index value to select (starting at zero)
- time
Zone String - Time zone.
- value String
- Lookup value.
- value
Type String - The value type.
- name string
- The name of the log mapping.
- alternate
Values string[] - List of alternate values.
- case
Insensitive boolean - Case insensitive flag.
- default
Value string - Default value of the field.
- field
Joins string[] - List of field join values.
- format string
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters string[] - List of format parameters.
- join
Delimiter string - Join delimiter.
- lookups
Cse
Log Mapping Field Lookup[] - List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values string[] - List of skipped values.
- split
Delimiter string - Split delimiter to be used. (some example: ",", "-", "|")
- split
Index number - The index value to select (starting at zero)
- time
Zone string - Time zone.
- value string
- Lookup value.
- value
Type string - The value type.
- name str
- The name of the log mapping.
- alternate_
values Sequence[str] - List of alternate values.
- case_
insensitive bool - Case insensitive flag.
- default_
value str - Default value of the field.
- field_
joins Sequence[str] - List of field join values.
- format str
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format_
parameters Sequence[str] - List of format parameters.
- join_
delimiter str - Join delimiter.
- lookups
Sequence[Cse
Log Mapping Field Lookup] - List of lookup key value pair for field. See lookup_schema for details.
- skipped_
values Sequence[str] - List of skipped values.
- split_
delimiter str - Split delimiter to be used. (some example: ",", "-", "|")
- split_
index int - The index value to select (starting at zero)
- time_
zone str - Time zone.
- value str
- Lookup value.
- value_
type str - The value type.
- name String
- The name of the log mapping.
- alternate
Values List<String> - List of alternate values.
- case
Insensitive Boolean - Case insensitive flag.
- default
Value String - Default value of the field.
- field
Joins List<String> - List of field join values.
- format String
- Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters List<String> - List of format parameters.
- join
Delimiter String - Join delimiter.
- lookups List<Property Map>
- List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values List<String> - List of skipped values.
- split
Delimiter String - Split delimiter to be used. (some example: ",", "-", "|")
- split
Index Number - The index value to select (starting at zero)
- time
Zone String - Time zone.
- value String
- Lookup value.
- value
Type String - The value type.
CseLogMappingFieldLookup, CseLogMappingFieldLookupArgs
CseLogMappingStructuredInput, CseLogMappingStructuredInputArgs
- Event
Id stringPattern - Event id pattern.
- Log
Format string - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- Product string
- Product name.
- Vendor string
- Vendor name.
- Event
Id stringPattern - Event id pattern.
- Log
Format string - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- Product string
- Product name.
- Vendor string
- Vendor name.
- event
Id StringPattern - Event id pattern.
- log
Format String - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product String
- Product name.
- vendor String
- Vendor name.
- event
Id stringPattern - Event id pattern.
- log
Format string - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product string
- Product name.
- vendor string
- Vendor name.
- event_
id_ strpattern - Event id pattern.
- log_
format str - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product str
- Product name.
- vendor str
- Vendor name.
- event
Id StringPattern - Event id pattern.
- log
Format String - Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product String
- Product name.
- vendor String
- Vendor name.
CseLogMappingUnstructuredFields, CseLogMappingUnstructuredFieldsArgs
- Pattern
Names List<string> List of grok pattern names.
The following attributes are exported:
- Pattern
Names []string List of grok pattern names.
The following attributes are exported:
- pattern
Names List<String> List of grok pattern names.
The following attributes are exported:
- pattern
Names string[] List of grok pattern names.
The following attributes are exported:
- pattern_
names Sequence[str] List of grok pattern names.
The following attributes are exported:
- pattern
Names List<String> List of grok pattern names.
The following attributes are exported:
Import
Log Mapping can be imported using the field id, e.g.:
hcl
$ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sumologic
Terraform Provider.