1. Packages
  2. Sumo Logic
  3. API Docs
  4. CseLogMapping
Sumo Logic v0.23.4 published on Friday, Sep 20, 2024 by Pulumi

sumologic.CseLogMapping

Explore with Pulumi AI

sumologic logo
Sumo Logic v0.23.4 published on Friday, Sep 20, 2024 by Pulumi

    Provides a Sumologic CSE Log Mapping.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as sumologic from "@pulumi/sumologic";
    
    const logMapping = new sumologic.CseLogMapping("log_mapping", {
        name: "New Log Mapping",
        productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
        recordType: "Audit",
        enabled: true,
        relatesEntities: true,
        skippedValues: ["skipped"],
        fields: [{
            name: "action",
            value: "action",
            valueType: "constant",
            skippedValues: ["-"],
            defaultValue: "",
            format: "JSON",
            caseInsensitive: false,
            alternateValues: ["altValue"],
            timeZone: "UTC",
            splitDelimiter: ",",
            splitIndex: 0,
            fieldJoins: ["and"],
            joinDelimiter: "",
            formatParameters: ["param"],
            lookups: [{
                key: "tunnel-up",
                value: "true",
            }],
        }],
        structuredInputs: [{
            eventIdPattern: "vpn",
            logFormat: "JSON",
            product: "fortinate",
            vendor: "fortinate",
        }],
    });
    
    import pulumi
    import pulumi_sumologic as sumologic
    
    log_mapping = sumologic.CseLogMapping("log_mapping",
        name="New Log Mapping",
        product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
        record_type="Audit",
        enabled=True,
        relates_entities=True,
        skipped_values=["skipped"],
        fields=[{
            "name": "action",
            "value": "action",
            "value_type": "constant",
            "skipped_values": ["-"],
            "default_value": "",
            "format": "JSON",
            "case_insensitive": False,
            "alternate_values": ["altValue"],
            "time_zone": "UTC",
            "split_delimiter": ",",
            "split_index": 0,
            "field_joins": ["and"],
            "join_delimiter": "",
            "format_parameters": ["param"],
            "lookups": [{
                "key": "tunnel-up",
                "value": "true",
            }],
        }],
        structured_inputs=[{
            "event_id_pattern": "vpn",
            "log_format": "JSON",
            "product": "fortinate",
            "vendor": "fortinate",
        }])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := sumologic.NewCseLogMapping(ctx, "log_mapping", &sumologic.CseLogMappingArgs{
    			Name:            pulumi.String("New Log Mapping"),
    			ProductGuid:     pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
    			RecordType:      pulumi.String("Audit"),
    			Enabled:         pulumi.Bool(true),
    			RelatesEntities: pulumi.Bool(true),
    			SkippedValues: pulumi.StringArray{
    				pulumi.String("skipped"),
    			},
    			Fields: sumologic.CseLogMappingFieldArray{
    				&sumologic.CseLogMappingFieldArgs{
    					Name:      pulumi.String("action"),
    					Value:     pulumi.String("action"),
    					ValueType: pulumi.String("constant"),
    					SkippedValues: pulumi.StringArray{
    						pulumi.String("-"),
    					},
    					DefaultValue:    pulumi.String(""),
    					Format:          pulumi.String("JSON"),
    					CaseInsensitive: pulumi.Bool(false),
    					AlternateValues: pulumi.StringArray{
    						pulumi.String("altValue"),
    					},
    					TimeZone:       pulumi.String("UTC"),
    					SplitDelimiter: pulumi.String(","),
    					SplitIndex:     pulumi.Int(0),
    					FieldJoins: pulumi.StringArray{
    						pulumi.String("and"),
    					},
    					JoinDelimiter: pulumi.String(""),
    					FormatParameters: pulumi.StringArray{
    						pulumi.String("param"),
    					},
    					Lookups: sumologic.CseLogMappingFieldLookupArray{
    						&sumologic.CseLogMappingFieldLookupArgs{
    							Key:   pulumi.String("tunnel-up"),
    							Value: pulumi.String("true"),
    						},
    					},
    				},
    			},
    			StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
    				&sumologic.CseLogMappingStructuredInputArgs{
    					EventIdPattern: pulumi.String("vpn"),
    					LogFormat:      pulumi.String("JSON"),
    					Product:        pulumi.String("fortinate"),
    					Vendor:         pulumi.String("fortinate"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using SumoLogic = Pulumi.SumoLogic;
    
    return await Deployment.RunAsync(() => 
    {
        var logMapping = new SumoLogic.CseLogMapping("log_mapping", new()
        {
            Name = "New Log Mapping",
            ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
            RecordType = "Audit",
            Enabled = true,
            RelatesEntities = true,
            SkippedValues = new[]
            {
                "skipped",
            },
            Fields = new[]
            {
                new SumoLogic.Inputs.CseLogMappingFieldArgs
                {
                    Name = "action",
                    Value = "action",
                    ValueType = "constant",
                    SkippedValues = new[]
                    {
                        "-",
                    },
                    DefaultValue = "",
                    Format = "JSON",
                    CaseInsensitive = false,
                    AlternateValues = new[]
                    {
                        "altValue",
                    },
                    TimeZone = "UTC",
                    SplitDelimiter = ",",
                    SplitIndex = 0,
                    FieldJoins = new[]
                    {
                        "and",
                    },
                    JoinDelimiter = "",
                    FormatParameters = new[]
                    {
                        "param",
                    },
                    Lookups = new[]
                    {
                        new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                        {
                            Key = "tunnel-up",
                            Value = "true",
                        },
                    },
                },
            },
            StructuredInputs = new[]
            {
                new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
                {
                    EventIdPattern = "vpn",
                    LogFormat = "JSON",
                    Product = "fortinate",
                    Vendor = "fortinate",
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.sumologic.CseLogMapping;
    import com.pulumi.sumologic.CseLogMappingArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
    import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
                .name("New Log Mapping")
                .productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
                .recordType("Audit")
                .enabled(true)
                .relatesEntities(true)
                .skippedValues("skipped")
                .fields(CseLogMappingFieldArgs.builder()
                    .name("action")
                    .value("action")
                    .valueType("constant")
                    .skippedValues("-")
                    .defaultValue("")
                    .format("JSON")
                    .caseInsensitive(false)
                    .alternateValues("altValue")
                    .timeZone("UTC")
                    .splitDelimiter(",")
                    .splitIndex(0)
                    .fieldJoins("and")
                    .joinDelimiter("")
                    .formatParameters("param")
                    .lookups(CseLogMappingFieldLookupArgs.builder()
                        .key("tunnel-up")
                        .value("true")
                        .build())
                    .build())
                .structuredInputs(CseLogMappingStructuredInputArgs.builder()
                    .eventIdPattern("vpn")
                    .logFormat("JSON")
                    .product("fortinate")
                    .vendor("fortinate")
                    .build())
                .build());
    
        }
    }
    
    resources:
      logMapping:
        type: sumologic:CseLogMapping
        name: log_mapping
        properties:
          name: New Log Mapping
          productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
          recordType: Audit
          enabled: true
          relatesEntities: true
          skippedValues:
            - skipped
          fields:
            - name: action
              value: action
              valueType: constant
              skippedValues:
                - '-'
              defaultValue:
              format: JSON
              caseInsensitive: false
              alternateValues:
                - altValue
              timeZone: UTC
              splitDelimiter: ','
              splitIndex: 0
              fieldJoins:
                - and
              joinDelimiter:
              formatParameters:
                - param
              lookups:
                - key: tunnel-up
                  value: 'true'
          structuredInputs:
            - eventIdPattern: vpn
              logFormat: JSON
              product: fortinate
              vendor: fortinate
    

    Create CseLogMapping Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);
    @overload
    def CseLogMapping(resource_name: str,
                      args: CseLogMappingArgs,
                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def CseLogMapping(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      enabled: Optional[bool] = None,
                      fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
                      product_guid: Optional[str] = None,
                      record_type: Optional[str] = None,
                      name: Optional[str] = None,
                      parent_id: Optional[str] = None,
                      relates_entities: Optional[bool] = None,
                      skipped_values: Optional[Sequence[str]] = None,
                      structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
                      unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)
    func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)
    public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
    public CseLogMapping(String name, CseLogMappingArgs args)
    public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
    
    type: sumologic:CseLogMapping
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CseLogMappingArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var cseLogMappingResource = new SumoLogic.CseLogMapping("cseLogMappingResource", new()
    {
        Enabled = false,
        Fields = new[]
        {
            new SumoLogic.Inputs.CseLogMappingFieldArgs
            {
                Name = "string",
                JoinDelimiter = "string",
                CaseInsensitive = false,
                FieldJoins = new[]
                {
                    "string",
                },
                Format = "string",
                FormatParameters = new[]
                {
                    "string",
                },
                AlternateValues = new[]
                {
                    "string",
                },
                Lookups = new[]
                {
                    new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                    {
                        Key = "string",
                        Value = "string",
                    },
                },
                DefaultValue = "string",
                SkippedValues = new[]
                {
                    "string",
                },
                SplitDelimiter = "string",
                SplitIndex = 0,
                TimeZone = "string",
                Value = "string",
                ValueType = "string",
            },
        },
        ProductGuid = "string",
        RecordType = "string",
        Name = "string",
        ParentId = "string",
        RelatesEntities = false,
        SkippedValues = new[]
        {
            "string",
        },
        StructuredInputs = new[]
        {
            new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
            {
                EventIdPattern = "string",
                LogFormat = "string",
                Product = "string",
                Vendor = "string",
            },
        },
        UnstructuredFields = new SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs
        {
            PatternNames = new[]
            {
                "string",
            },
        },
    });
    
    example, err := sumologic.NewCseLogMapping(ctx, "cseLogMappingResource", &sumologic.CseLogMappingArgs{
    	Enabled: pulumi.Bool(false),
    	Fields: sumologic.CseLogMappingFieldArray{
    		&sumologic.CseLogMappingFieldArgs{
    			Name:            pulumi.String("string"),
    			JoinDelimiter:   pulumi.String("string"),
    			CaseInsensitive: pulumi.Bool(false),
    			FieldJoins: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Format: pulumi.String("string"),
    			FormatParameters: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			AlternateValues: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			Lookups: sumologic.CseLogMappingFieldLookupArray{
    				&sumologic.CseLogMappingFieldLookupArgs{
    					Key:   pulumi.String("string"),
    					Value: pulumi.String("string"),
    				},
    			},
    			DefaultValue: pulumi.String("string"),
    			SkippedValues: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			SplitDelimiter: pulumi.String("string"),
    			SplitIndex:     pulumi.Int(0),
    			TimeZone:       pulumi.String("string"),
    			Value:          pulumi.String("string"),
    			ValueType:      pulumi.String("string"),
    		},
    	},
    	ProductGuid:     pulumi.String("string"),
    	RecordType:      pulumi.String("string"),
    	Name:            pulumi.String("string"),
    	ParentId:        pulumi.String("string"),
    	RelatesEntities: pulumi.Bool(false),
    	SkippedValues: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
    		&sumologic.CseLogMappingStructuredInputArgs{
    			EventIdPattern: pulumi.String("string"),
    			LogFormat:      pulumi.String("string"),
    			Product:        pulumi.String("string"),
    			Vendor:         pulumi.String("string"),
    		},
    	},
    	UnstructuredFields: &sumologic.CseLogMappingUnstructuredFieldsArgs{
    		PatternNames: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    })
    
    var cseLogMappingResource = new CseLogMapping("cseLogMappingResource", CseLogMappingArgs.builder()
        .enabled(false)
        .fields(CseLogMappingFieldArgs.builder()
            .name("string")
            .joinDelimiter("string")
            .caseInsensitive(false)
            .fieldJoins("string")
            .format("string")
            .formatParameters("string")
            .alternateValues("string")
            .lookups(CseLogMappingFieldLookupArgs.builder()
                .key("string")
                .value("string")
                .build())
            .defaultValue("string")
            .skippedValues("string")
            .splitDelimiter("string")
            .splitIndex(0)
            .timeZone("string")
            .value("string")
            .valueType("string")
            .build())
        .productGuid("string")
        .recordType("string")
        .name("string")
        .parentId("string")
        .relatesEntities(false)
        .skippedValues("string")
        .structuredInputs(CseLogMappingStructuredInputArgs.builder()
            .eventIdPattern("string")
            .logFormat("string")
            .product("string")
            .vendor("string")
            .build())
        .unstructuredFields(CseLogMappingUnstructuredFieldsArgs.builder()
            .patternNames("string")
            .build())
        .build());
    
    cse_log_mapping_resource = sumologic.CseLogMapping("cseLogMappingResource",
        enabled=False,
        fields=[sumologic.CseLogMappingFieldArgs(
            name="string",
            join_delimiter="string",
            case_insensitive=False,
            field_joins=["string"],
            format="string",
            format_parameters=["string"],
            alternate_values=["string"],
            lookups=[sumologic.CseLogMappingFieldLookupArgs(
                key="string",
                value="string",
            )],
            default_value="string",
            skipped_values=["string"],
            split_delimiter="string",
            split_index=0,
            time_zone="string",
            value="string",
            value_type="string",
        )],
        product_guid="string",
        record_type="string",
        name="string",
        parent_id="string",
        relates_entities=False,
        skipped_values=["string"],
        structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
            event_id_pattern="string",
            log_format="string",
            product="string",
            vendor="string",
        )],
        unstructured_fields=sumologic.CseLogMappingUnstructuredFieldsArgs(
            pattern_names=["string"],
        ))
    
    const cseLogMappingResource = new sumologic.CseLogMapping("cseLogMappingResource", {
        enabled: false,
        fields: [{
            name: "string",
            joinDelimiter: "string",
            caseInsensitive: false,
            fieldJoins: ["string"],
            format: "string",
            formatParameters: ["string"],
            alternateValues: ["string"],
            lookups: [{
                key: "string",
                value: "string",
            }],
            defaultValue: "string",
            skippedValues: ["string"],
            splitDelimiter: "string",
            splitIndex: 0,
            timeZone: "string",
            value: "string",
            valueType: "string",
        }],
        productGuid: "string",
        recordType: "string",
        name: "string",
        parentId: "string",
        relatesEntities: false,
        skippedValues: ["string"],
        structuredInputs: [{
            eventIdPattern: "string",
            logFormat: "string",
            product: "string",
            vendor: "string",
        }],
        unstructuredFields: {
            patternNames: ["string"],
        },
    });
    
    type: sumologic:CseLogMapping
    properties:
        enabled: false
        fields:
            - alternateValues:
                - string
              caseInsensitive: false
              defaultValue: string
              fieldJoins:
                - string
              format: string
              formatParameters:
                - string
              joinDelimiter: string
              lookups:
                - key: string
                  value: string
              name: string
              skippedValues:
                - string
              splitDelimiter: string
              splitIndex: 0
              timeZone: string
              value: string
              valueType: string
        name: string
        parentId: string
        productGuid: string
        recordType: string
        relatesEntities: false
        skippedValues:
            - string
        structuredInputs:
            - eventIdPattern: string
              logFormat: string
              product: string
              vendor: string
        unstructuredFields:
            patternNames:
                - string
    

    CseLogMapping Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CseLogMapping resource accepts the following input properties:

    Enabled bool
    Enabled flag.
    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues List<string>
    List of skipped values.
    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    Enabled bool
    Enabled flag.
    Fields []CseLogMappingFieldArgs
    List of fields for the new log mapping. See field_schema for details.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues []string
    List of skipped values.
    StructuredInputs []CseLogMappingStructuredInputArgs
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled boolean
    Enabled flag.
    fields CseLogMappingField[]
    List of fields for the new log mapping. See field_schema for details.
    productGuid string
    Product GUID.
    recordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name string
    The name of the log mapping.
    parentId string
    The id of the parent log mapping.
    relatesEntities boolean
    Set to true to relate entities.
    skippedValues string[]
    List of skipped values.
    structuredInputs CseLogMappingStructuredInput[]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled bool
    Enabled flag.
    fields Sequence[CseLogMappingFieldArgs]
    List of fields for the new log mapping. See field_schema for details.
    product_guid str
    Product GUID.
    record_type str
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name str
    The name of the log mapping.
    parent_id str
    The id of the parent log mapping.
    relates_entities bool
    Set to true to relate entities.
    skipped_values Sequence[str]
    List of skipped values.
    structured_inputs Sequence[CseLogMappingStructuredInputArgs]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructured_fields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<Property Map>
    List of fields for the new log mapping. See field_schema for details.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<Property Map>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields Property Map
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing CseLogMapping Resource

    Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            enabled: Optional[bool] = None,
            fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
            name: Optional[str] = None,
            parent_id: Optional[str] = None,
            product_guid: Optional[str] = None,
            record_type: Optional[str] = None,
            relates_entities: Optional[bool] = None,
            skipped_values: Optional[Sequence[str]] = None,
            structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
            unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping
    func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)
    public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)
    public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Enabled bool
    Enabled flag.
    Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues List<string>
    List of skipped values.
    StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    Enabled bool
    Enabled flag.
    Fields []CseLogMappingFieldArgs
    List of fields for the new log mapping. See field_schema for details.
    Name string
    The name of the log mapping.
    ParentId string
    The id of the parent log mapping.
    ProductGuid string
    Product GUID.
    RecordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    RelatesEntities bool
    Set to true to relate entities.
    SkippedValues []string
    List of skipped values.
    StructuredInputs []CseLogMappingStructuredInputArgs
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    UnstructuredFields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<CseLogMappingField>
    List of fields for the new log mapping. See field_schema for details.
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<CseLogMappingStructuredInput>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled boolean
    Enabled flag.
    fields CseLogMappingField[]
    List of fields for the new log mapping. See field_schema for details.
    name string
    The name of the log mapping.
    parentId string
    The id of the parent log mapping.
    productGuid string
    Product GUID.
    recordType string
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities boolean
    Set to true to relate entities.
    skippedValues string[]
    List of skipped values.
    structuredInputs CseLogMappingStructuredInput[]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields CseLogMappingUnstructuredFields
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled bool
    Enabled flag.
    fields Sequence[CseLogMappingFieldArgs]
    List of fields for the new log mapping. See field_schema for details.
    name str
    The name of the log mapping.
    parent_id str
    The id of the parent log mapping.
    product_guid str
    Product GUID.
    record_type str
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relates_entities bool
    Set to true to relate entities.
    skipped_values Sequence[str]
    List of skipped values.
    structured_inputs Sequence[CseLogMappingStructuredInputArgs]
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructured_fields CseLogMappingUnstructuredFieldsArgs
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.
    enabled Boolean
    Enabled flag.
    fields List<Property Map>
    List of fields for the new log mapping. See field_schema for details.
    name String
    The name of the log mapping.
    parentId String
    The id of the parent log mapping.
    productGuid String
    Product GUID.
    recordType String
    The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
    relatesEntities Boolean
    Set to true to relate entities.
    skippedValues List<String>
    List of skipped values.
    structuredInputs List<Property Map>
    List of structured inputs for the new log mapping. See structured_input_schema for details.
    unstructuredFields Property Map
    Unstructured fields for the new log mapping. See unstructured_field_schema for details.

    Supporting Types

    CseLogMappingField, CseLogMappingFieldArgs

    Name string
    The name of the log mapping.
    AlternateValues List<string>
    List of alternate values.
    CaseInsensitive bool
    Case insensitive flag.
    DefaultValue string
    Default value of the field.
    FieldJoins List<string>
    List of field join values.
    Format string
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    FormatParameters List<string>
    List of format parameters.
    JoinDelimiter string
    Join delimiter.
    Lookups List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldLookup>
    List of lookup key value pair for field. See lookup_schema for details.
    SkippedValues List<string>
    List of skipped values.
    SplitDelimiter string
    Split delimiter to be used. (some example: ",", "-", "|")
    SplitIndex int
    The index value to select (starting at zero)
    TimeZone string
    Time zone.
    Value string
    Lookup value.
    ValueType string
    The value type.
    Name string
    The name of the log mapping.
    AlternateValues []string
    List of alternate values.
    CaseInsensitive bool
    Case insensitive flag.
    DefaultValue string
    Default value of the field.
    FieldJoins []string
    List of field join values.
    Format string
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    FormatParameters []string
    List of format parameters.
    JoinDelimiter string
    Join delimiter.
    Lookups []CseLogMappingFieldLookup
    List of lookup key value pair for field. See lookup_schema for details.
    SkippedValues []string
    List of skipped values.
    SplitDelimiter string
    Split delimiter to be used. (some example: ",", "-", "|")
    SplitIndex int
    The index value to select (starting at zero)
    TimeZone string
    Time zone.
    Value string
    Lookup value.
    ValueType string
    The value type.
    name String
    The name of the log mapping.
    alternateValues List<String>
    List of alternate values.
    caseInsensitive Boolean
    Case insensitive flag.
    defaultValue String
    Default value of the field.
    fieldJoins List<String>
    List of field join values.
    format String
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    formatParameters List<String>
    List of format parameters.
    joinDelimiter String
    Join delimiter.
    lookups List<CseLogMappingFieldLookup>
    List of lookup key value pair for field. See lookup_schema for details.
    skippedValues List<String>
    List of skipped values.
    splitDelimiter String
    Split delimiter to be used. (some example: ",", "-", "|")
    splitIndex Integer
    The index value to select (starting at zero)
    timeZone String
    Time zone.
    value String
    Lookup value.
    valueType String
    The value type.
    name string
    The name of the log mapping.
    alternateValues string[]
    List of alternate values.
    caseInsensitive boolean
    Case insensitive flag.
    defaultValue string
    Default value of the field.
    fieldJoins string[]
    List of field join values.
    format string
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    formatParameters string[]
    List of format parameters.
    joinDelimiter string
    Join delimiter.
    lookups CseLogMappingFieldLookup[]
    List of lookup key value pair for field. See lookup_schema for details.
    skippedValues string[]
    List of skipped values.
    splitDelimiter string
    Split delimiter to be used. (some example: ",", "-", "|")
    splitIndex number
    The index value to select (starting at zero)
    timeZone string
    Time zone.
    value string
    Lookup value.
    valueType string
    The value type.
    name str
    The name of the log mapping.
    alternate_values Sequence[str]
    List of alternate values.
    case_insensitive bool
    Case insensitive flag.
    default_value str
    Default value of the field.
    field_joins Sequence[str]
    List of field join values.
    format str
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    format_parameters Sequence[str]
    List of format parameters.
    join_delimiter str
    Join delimiter.
    lookups Sequence[CseLogMappingFieldLookup]
    List of lookup key value pair for field. See lookup_schema for details.
    skipped_values Sequence[str]
    List of skipped values.
    split_delimiter str
    Split delimiter to be used. (some example: ",", "-", "|")
    split_index int
    The index value to select (starting at zero)
    time_zone str
    Time zone.
    value str
    Lookup value.
    value_type str
    The value type.
    name String
    The name of the log mapping.
    alternateValues List<String>
    List of alternate values.
    caseInsensitive Boolean
    Case insensitive flag.
    defaultValue String
    Default value of the field.
    fieldJoins List<String>
    List of field join values.
    format String
    Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
    formatParameters List<String>
    List of format parameters.
    joinDelimiter String
    Join delimiter.
    lookups List<Property Map>
    List of lookup key value pair for field. See lookup_schema for details.
    skippedValues List<String>
    List of skipped values.
    splitDelimiter String
    Split delimiter to be used. (some example: ",", "-", "|")
    splitIndex Number
    The index value to select (starting at zero)
    timeZone String
    Time zone.
    value String
    Lookup value.
    valueType String
    The value type.

    CseLogMappingFieldLookup, CseLogMappingFieldLookupArgs

    Key string
    Lookup key.
    Value string
    Lookup value.
    Key string
    Lookup key.
    Value string
    Lookup value.
    key String
    Lookup key.
    value String
    Lookup value.
    key string
    Lookup key.
    value string
    Lookup value.
    key str
    Lookup key.
    value str
    Lookup value.
    key String
    Lookup key.
    value String
    Lookup value.

    CseLogMappingStructuredInput, CseLogMappingStructuredInputArgs

    EventIdPattern string
    Event id pattern.
    LogFormat string
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    Product string
    Product name.
    Vendor string
    Vendor name.
    EventIdPattern string
    Event id pattern.
    LogFormat string
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    Product string
    Product name.
    Vendor string
    Vendor name.
    eventIdPattern String
    Event id pattern.
    logFormat String
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    product String
    Product name.
    vendor String
    Vendor name.
    eventIdPattern string
    Event id pattern.
    logFormat string
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    product string
    Product name.
    vendor string
    Vendor name.
    event_id_pattern str
    Event id pattern.
    log_format str
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    product str
    Product name.
    vendor str
    Vendor name.
    eventIdPattern String
    Event id pattern.
    logFormat String
    Log format. (JSON, Windows, Syslog, CEF, LEEF )
    product String
    Product name.
    vendor String
    Vendor name.

    CseLogMappingUnstructuredFields, CseLogMappingUnstructuredFieldsArgs

    PatternNames List<string>

    List of grok pattern names.

    The following attributes are exported:

    PatternNames []string

    List of grok pattern names.

    The following attributes are exported:

    patternNames List<String>

    List of grok pattern names.

    The following attributes are exported:

    patternNames string[]

    List of grok pattern names.

    The following attributes are exported:

    pattern_names Sequence[str]

    List of grok pattern names.

    The following attributes are exported:

    patternNames List<String>

    List of grok pattern names.

    The following attributes are exported:

    Import

    Log Mapping can be imported using the field id, e.g.:

    hcl

    $ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Sumo Logic pulumi/pulumi-sumologic
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the sumologic Terraform Provider.
    sumologic logo
    Sumo Logic v0.23.4 published on Friday, Sep 20, 2024 by Pulumi