Docs
Packagessumologic.CseLogMapping
Explore with Pulumi AI
Provides a Sumologic CSE Log Mapping.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var logMapping = new SumoLogic.CseLogMapping("logMapping", new()
{
Enabled = true,
Fields = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldArgs
{
AlternateValues = new[]
{
"altValue",
},
CaseInsensitive = false,
DefaultValue = "",
FieldJoins = new[]
{
"and",
},
Format = "JSON",
FormatParameters = new[]
{
"param",
},
JoinDelimiter = "",
Lookups = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
{
Key = "tunnel-up",
Value = "true",
},
},
Name = "action",
SkippedValues = new[]
{
"-",
},
SplitDelimiter = ",",
SplitIndex = 0,
TimeZone = "UTC",
Value = "action",
ValueType = "constant",
},
},
ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
RecordType = "Audit",
RelatesEntities = true,
SkippedValues = new[]
{
"skipped",
},
StructuredInputs = new[]
{
new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
{
EventIdPattern = "vpn",
LogFormat = "JSON",
Product = "fortinate",
Vendor = "fortinate",
},
},
});
});
package main
import (
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sumologic.NewCseLogMapping(ctx, "logMapping", &sumologic.CseLogMappingArgs{
Enabled: pulumi.Bool(true),
Fields: sumologic.CseLogMappingFieldArray{
&sumologic.CseLogMappingFieldArgs{
AlternateValues: pulumi.StringArray{
pulumi.String("altValue"),
},
CaseInsensitive: pulumi.Bool(false),
DefaultValue: pulumi.String(""),
FieldJoins: pulumi.StringArray{
pulumi.String("and"),
},
Format: pulumi.String("JSON"),
FormatParameters: pulumi.StringArray{
pulumi.String("param"),
},
JoinDelimiter: pulumi.String(""),
Lookups: sumologic.CseLogMappingFieldLookupArray{
&sumologic.CseLogMappingFieldLookupArgs{
Key: pulumi.String("tunnel-up"),
Value: pulumi.String("true"),
},
},
Name: pulumi.String("action"),
SkippedValues: pulumi.StringArray{
pulumi.String("-"),
},
SplitDelimiter: pulumi.String(","),
SplitIndex: pulumi.Int(0),
TimeZone: pulumi.String("UTC"),
Value: pulumi.String("action"),
ValueType: pulumi.String("constant"),
},
},
ProductGuid: pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
RecordType: pulumi.String("Audit"),
RelatesEntities: pulumi.Bool(true),
SkippedValues: pulumi.StringArray{
pulumi.String("skipped"),
},
StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
&sumologic.CseLogMappingStructuredInputArgs{
EventIdPattern: pulumi.String("vpn"),
LogFormat: pulumi.String("JSON"),
Product: pulumi.String("fortinate"),
Vendor: pulumi.String("fortinate"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseLogMapping;
import com.pulumi.sumologic.CseLogMappingArgs;
import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
.enabled(true)
.fields(CseLogMappingFieldArgs.builder()
.alternateValues("altValue")
.caseInsensitive(false)
.defaultValue("")
.fieldJoins("and")
.format("JSON")
.formatParameters("param")
.joinDelimiter("")
.lookups(CseLogMappingFieldLookupArgs.builder()
.key("tunnel-up")
.value("true")
.build())
.name("action")
.skippedValues("-")
.splitDelimiter(",")
.splitIndex(0)
.timeZone("UTC")
.value("action")
.valueType("constant")
.build())
.productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
.recordType("Audit")
.relatesEntities(true)
.skippedValues("skipped")
.structuredInputs(CseLogMappingStructuredInputArgs.builder()
.eventIdPattern("vpn")
.logFormat("JSON")
.product("fortinate")
.vendor("fortinate")
.build())
.build());
}
}
import pulumi
import pulumi_sumologic as sumologic
log_mapping = sumologic.CseLogMapping("logMapping",
enabled=True,
fields=[sumologic.CseLogMappingFieldArgs(
alternate_values=["altValue"],
case_insensitive=False,
default_value="",
field_joins=["and"],
format="JSON",
format_parameters=["param"],
join_delimiter="",
lookups=[sumologic.CseLogMappingFieldLookupArgs(
key="tunnel-up",
value="true",
)],
name="action",
skipped_values=["-"],
split_delimiter=",",
split_index=0,
time_zone="UTC",
value="action",
value_type="constant",
)],
product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
record_type="Audit",
relates_entities=True,
skipped_values=["skipped"],
structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
event_id_pattern="vpn",
log_format="JSON",
product="fortinate",
vendor="fortinate",
)])
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const logMapping = new sumologic.CseLogMapping("logMapping", {
enabled: true,
fields: [{
alternateValues: ["altValue"],
caseInsensitive: false,
defaultValue: "",
fieldJoins: ["and"],
format: "JSON",
formatParameters: ["param"],
joinDelimiter: "",
lookups: [{
key: "tunnel-up",
value: "true",
}],
name: "action",
skippedValues: ["-"],
splitDelimiter: ",",
splitIndex: 0,
timeZone: "UTC",
value: "action",
valueType: "constant",
}],
productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
recordType: "Audit",
relatesEntities: true,
skippedValues: ["skipped"],
structuredInputs: [{
eventIdPattern: "vpn",
logFormat: "JSON",
product: "fortinate",
vendor: "fortinate",
}],
});
resources:
logMapping:
type: sumologic:CseLogMapping
properties:
enabled: true
fields:
- alternateValues:
- altValue
caseInsensitive: false
defaultValue:
fieldJoins:
- and
format: JSON
formatParameters:
- param
joinDelimiter:
lookups:
- key: tunnel-up
value: 'true'
name: action
skippedValues:
- '-'
splitDelimiter: ','
splitIndex: 0
timeZone: UTC
value: action
valueType: constant
productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
recordType: Audit
relatesEntities: true
skippedValues:
- skipped
structuredInputs:
- eventIdPattern: vpn
logFormat: JSON
product: fortinate
vendor: fortinate
Create CseLogMapping Resource
new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);@overload
def CseLogMapping(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
@overload
def CseLogMapping(resource_name: str,
args: CseLogMappingArgs,
opts: Optional[ResourceOptions] = None)func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
public CseLogMapping(String name, CseLogMappingArgs args)
public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
type: sumologic:CseLogMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
CseLogMapping Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CseLogMapping resource accepts the following input properties:
- Enabled bool
Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field Args> List of fields for the new log mapping. See field_schema for details.
- Product
Guid string Product GUID.
- Record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
The name of the log mapping.
- Parent
Id string The id of the parent log mapping.
- Relates
Entities bool Set to true to relate entities.
- Skipped
Values List<string> List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input Args> List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
Enabled flag.
- Fields
[]Cse
Log Mapping Field Args List of fields for the new log mapping. See field_schema for details.
- Product
Guid string Product GUID.
- Record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
The name of the log mapping.
- Parent
Id string The id of the parent log mapping.
- Relates
Entities bool Set to true to relate entities.
- Skipped
Values []string List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
Enabled flag.
- fields
List<Cse
Log Mapping Field Args> List of fields for the new log mapping. See field_schema for details.
- product
Guid String Product GUID.
- record
Type String The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
The name of the log mapping.
- parent
Id String The id of the parent log mapping.
- relates
Entities Boolean Set to true to relate entities.
- skipped
Values List<String> List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input Args> List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
Enabled flag.
- fields
Cse
Log Mapping Field Args[] List of fields for the new log mapping. See field_schema for details.
- product
Guid string Product GUID.
- record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name string
The name of the log mapping.
- parent
Id string The id of the parent log mapping.
- relates
Entities boolean Set to true to relate entities.
- skipped
Values string[] List of skipped values.
- structured
Inputs CseLog Mapping Structured Input Args[] List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] List of fields for the new log mapping. See field_schema for details.
- product_
guid str Product GUID.
- record_
type str The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name str
The name of the log mapping.
- parent_
id str The id of the parent log mapping.
- relates_
entities bool Set to true to relate entities.
- skipped_
values Sequence[str] List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
Enabled flag.
- fields List<Property Map>
List of fields for the new log mapping. See field_schema for details.
- product
Guid String Product GUID.
- record
Type String The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
The name of the log mapping.
- parent
Id String The id of the parent log mapping.
- relates
Entities Boolean Set to true to relate entities.
- skipped
Values List<String> List of skipped values.
- structured
Inputs List<Property Map> List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing CseLogMapping Resource
Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMappingfunc GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Enabled bool
Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field Args> List of fields for the new log mapping. See field_schema for details.
- Name string
The name of the log mapping.
- Parent
Id string The id of the parent log mapping.
- Product
Guid string Product GUID.
- Record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool Set to true to relate entities.
- Skipped
Values List<string> List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input Args> List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
Enabled flag.
- Fields
[]Cse
Log Mapping Field Args List of fields for the new log mapping. See field_schema for details.
- Name string
The name of the log mapping.
- Parent
Id string The id of the parent log mapping.
- Product
Guid string Product GUID.
- Record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool Set to true to relate entities.
- Skipped
Values []string List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
Enabled flag.
- fields
List<Cse
Log Mapping Field Args> List of fields for the new log mapping. See field_schema for details.
- name String
The name of the log mapping.
- parent
Id String The id of the parent log mapping.
- product
Guid String Product GUID.
- record
Type String The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean Set to true to relate entities.
- skipped
Values List<String> List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input Args> List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
Enabled flag.
- fields
Cse
Log Mapping Field Args[] List of fields for the new log mapping. See field_schema for details.
- name string
The name of the log mapping.
- parent
Id string The id of the parent log mapping.
- product
Guid string Product GUID.
- record
Type string The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities boolean Set to true to relate entities.
- skipped
Values string[] List of skipped values.
- structured
Inputs CseLog Mapping Structured Input Args[] List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] List of fields for the new log mapping. See field_schema for details.
- name str
The name of the log mapping.
- parent_
id str The id of the parent log mapping.
- product_
guid str Product GUID.
- record_
type str The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates_
entities bool Set to true to relate entities.
- skipped_
values Sequence[str] List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
Enabled flag.
- fields List<Property Map>
List of fields for the new log mapping. See field_schema for details.
- name String
The name of the log mapping.
- parent
Id String The id of the parent log mapping.
- product
Guid String Product GUID.
- record
Type String The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean Set to true to relate entities.
- skipped
Values List<String> List of skipped values.
- structured
Inputs List<Property Map> List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Supporting Types
CseLogMappingField
- Name string
The name of the log mapping.
- Alternate
Values List<string> List of alternate values.
- Case
Insensitive bool Case insensitive flag.
- Default
Value string Default value of the field.
- Field
Joins List<string> List of field join values.
- Format string
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- Format
Parameters List<string> List of format parameters.
- Join
Delimiter string Join delimiter.
- Lookups
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field Lookup> List of lookup key value pair for field. See lookup_schema for details.
- Skipped
Values List<string> List of skipped values.
- Split
Delimiter string Split delimiter to be used. (some example: ",", "-", "|")
- Split
Index int The index value to select (starting at zero)
- Time
Zone string Time zone.
- Value string
Value of the field.
- Value
Type string The value type.
- Name string
The name of the log mapping.
- Alternate
Values []string List of alternate values.
- Case
Insensitive bool Case insensitive flag.
- Default
Value string Default value of the field.
- Field
Joins []string List of field join values.
- Format string
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- Format
Parameters []string List of format parameters.
- Join
Delimiter string Join delimiter.
- Lookups
[]Cse
Log Mapping Field Lookup List of lookup key value pair for field. See lookup_schema for details.
- Skipped
Values []string List of skipped values.
- Split
Delimiter string Split delimiter to be used. (some example: ",", "-", "|")
- Split
Index int The index value to select (starting at zero)
- Time
Zone string Time zone.
- Value string
Value of the field.
- Value
Type string The value type.
- name String
The name of the log mapping.
- alternate
Values List<String> List of alternate values.
- case
Insensitive Boolean Case insensitive flag.
- default
Value String Default value of the field.
- field
Joins List<String> List of field join values.
- format String
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters List<String> List of format parameters.
- join
Delimiter String Join delimiter.
- lookups
List<Cse
Log Mapping Field Lookup> List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values List<String> List of skipped values.
- split
Delimiter String Split delimiter to be used. (some example: ",", "-", "|")
- split
Index Integer The index value to select (starting at zero)
- time
Zone String Time zone.
- value String
Value of the field.
- value
Type String The value type.
- name string
The name of the log mapping.
- alternate
Values string[] List of alternate values.
- case
Insensitive boolean Case insensitive flag.
- default
Value string Default value of the field.
- field
Joins string[] List of field join values.
- format string
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters string[] List of format parameters.
- join
Delimiter string Join delimiter.
- lookups
Cse
Log Mapping Field Lookup[] List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values string[] List of skipped values.
- split
Delimiter string Split delimiter to be used. (some example: ",", "-", "|")
- split
Index number The index value to select (starting at zero)
- time
Zone string Time zone.
- value string
Value of the field.
- value
Type string The value type.
- name str
The name of the log mapping.
- alternate_
values Sequence[str] List of alternate values.
- case_
insensitive bool Case insensitive flag.
- default_
value str Default value of the field.
- field_
joins Sequence[str] List of field join values.
- format str
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format_
parameters Sequence[str] List of format parameters.
- join_
delimiter str Join delimiter.
- lookups
Sequence[Cse
Log Mapping Field Lookup] List of lookup key value pair for field. See lookup_schema for details.
- skipped_
values Sequence[str] List of skipped values.
- split_
delimiter str Split delimiter to be used. (some example: ",", "-", "|")
- split_
index int The index value to select (starting at zero)
- time_
zone str Time zone.
- value str
Value of the field.
- value_
type str The value type.
- name String
The name of the log mapping.
- alternate
Values List<String> List of alternate values.
- case
Insensitive Boolean Case insensitive flag.
- default
Value String Default value of the field.
- field
Joins List<String> List of field join values.
- format String
Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
- format
Parameters List<String> List of format parameters.
- join
Delimiter String Join delimiter.
- lookups List<Property Map>
List of lookup key value pair for field. See lookup_schema for details.
- skipped
Values List<String> List of skipped values.
- split
Delimiter String Split delimiter to be used. (some example: ",", "-", "|")
- split
Index Number The index value to select (starting at zero)
- time
Zone String Time zone.
- value String
Value of the field.
- value
Type String The value type.
CseLogMappingFieldLookup
CseLogMappingStructuredInput
- Event
Id stringPattern Event id pattern.
- Log
Format string Log format. (JSON, Windows, Syslog, CEF, LEEF )
- Product string
Product name.
- Vendor string
Vendor name.
- Event
Id stringPattern Event id pattern.
- Log
Format string Log format. (JSON, Windows, Syslog, CEF, LEEF )
- Product string
Product name.
- Vendor string
Vendor name.
- event
Id StringPattern Event id pattern.
- log
Format String Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product String
Product name.
- vendor String
Vendor name.
- event
Id stringPattern Event id pattern.
- log
Format string Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product string
Product name.
- vendor string
Vendor name.
- event_
id_ strpattern Event id pattern.
- log_
format str Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product str
Product name.
- vendor str
Vendor name.
- event
Id StringPattern Event id pattern.
- log
Format String Log format. (JSON, Windows, Syslog, CEF, LEEF )
- product String
Product name.
- vendor String
Vendor name.
CseLogMappingUnstructuredFields
- Pattern
Names List<string> List of grok pattern names.
The following attributes are exported:
- Pattern
Names []string List of grok pattern names.
The following attributes are exported:
- pattern
Names List<String> List of grok pattern names.
The following attributes are exported:
- pattern
Names string[] List of grok pattern names.
The following attributes are exported:
- pattern_
names Sequence[str] List of grok pattern names.
The following attributes are exported:
- pattern
Names List<String> List of grok pattern names.
The following attributes are exported:
Import
Log Mapping can be imported using the field id, e.g.hcl
$ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
sumologicTerraform Provider.