Docs
PackagesSumo Logic v0.22.1 published on Sunday, Jun 9, 2024 by Pulumi
sumologic.CseLogMapping
Explore with Pulumi AI
Provides a Sumologic CSE Log Mapping.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";
const logMapping = new sumologic.CseLogMapping("log_mapping", {
name: "New Log Mapping",
productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
recordType: "Audit",
enabled: true,
relatesEntities: true,
skippedValues: ["skipped"],
fields: [{
name: "action",
value: "action",
valueType: "constant",
skippedValues: ["-"],
defaultValue: "",
format: "JSON",
caseInsensitive: false,
alternateValues: ["altValue"],
timeZone: "UTC",
splitDelimiter: ",",
splitIndex: 0,
fieldJoins: ["and"],
joinDelimiter: "",
formatParameters: ["param"],
lookups: [{
key: "tunnel-up",
value: "true",
}],
}],
structuredInputs: [{
eventIdPattern: "vpn",
logFormat: "JSON",
product: "fortinate",
vendor: "fortinate",
}],
});
import pulumi
import pulumi_sumologic as sumologic
log_mapping = sumologic.CseLogMapping("log_mapping",
name="New Log Mapping",
product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
record_type="Audit",
enabled=True,
relates_entities=True,
skipped_values=["skipped"],
fields=[sumologic.CseLogMappingFieldArgs(
name="action",
value="action",
value_type="constant",
skipped_values=["-"],
default_value="",
format="JSON",
case_insensitive=False,
alternate_values=["altValue"],
time_zone="UTC",
split_delimiter=",",
split_index=0,
field_joins=["and"],
join_delimiter="",
format_parameters=["param"],
lookups=[sumologic.CseLogMappingFieldLookupArgs(
key="tunnel-up",
value="true",
)],
)],
structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
event_id_pattern="vpn",
log_format="JSON",
product="fortinate",
vendor="fortinate",
)])
package main
import (
"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sumologic.NewCseLogMapping(ctx, "log_mapping", &sumologic.CseLogMappingArgs{
Name: pulumi.String("New Log Mapping"),
ProductGuid: pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
RecordType: pulumi.String("Audit"),
Enabled: pulumi.Bool(true),
RelatesEntities: pulumi.Bool(true),
SkippedValues: pulumi.StringArray{
pulumi.String("skipped"),
},
Fields: sumologic.CseLogMappingFieldArray{
&sumologic.CseLogMappingFieldArgs{
Name: pulumi.String("action"),
Value: pulumi.String("action"),
ValueType: pulumi.String("constant"),
SkippedValues: pulumi.StringArray{
pulumi.String("-"),
},
DefaultValue: pulumi.String(""),
Format: pulumi.String("JSON"),
CaseInsensitive: pulumi.Bool(false),
AlternateValues: pulumi.StringArray{
pulumi.String("altValue"),
},
TimeZone: pulumi.String("UTC"),
SplitDelimiter: pulumi.String(","),
SplitIndex: pulumi.Int(0),
FieldJoins: pulumi.StringArray{
pulumi.String("and"),
},
JoinDelimiter: pulumi.String(""),
FormatParameters: pulumi.StringArray{
pulumi.String("param"),
},
Lookups: sumologic.CseLogMappingFieldLookupArray{
&sumologic.CseLogMappingFieldLookupArgs{
Key: pulumi.String("tunnel-up"),
Value: pulumi.String("true"),
},
},
},
},
StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
&sumologic.CseLogMappingStructuredInputArgs{
EventIdPattern: pulumi.String("vpn"),
LogFormat: pulumi.String("JSON"),
Product: pulumi.String("fortinate"),
Vendor: pulumi.String("fortinate"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;
return await Deployment.RunAsync(() =>
{
var logMapping = new SumoLogic.CseLogMapping("log_mapping", new()
{
Name = "New Log Mapping",
ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
RecordType = "Audit",
Enabled = true,
RelatesEntities = true,
SkippedValues = new[]
{
"skipped",
},
Fields = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldArgs
{
Name = "action",
Value = "action",
ValueType = "constant",
SkippedValues = new[]
{
"-",
},
DefaultValue = "",
Format = "JSON",
CaseInsensitive = false,
AlternateValues = new[]
{
"altValue",
},
TimeZone = "UTC",
SplitDelimiter = ",",
SplitIndex = 0,
FieldJoins = new[]
{
"and",
},
JoinDelimiter = "",
FormatParameters = new[]
{
"param",
},
Lookups = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
{
Key = "tunnel-up",
Value = "true",
},
},
},
},
StructuredInputs = new[]
{
new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
{
EventIdPattern = "vpn",
LogFormat = "JSON",
Product = "fortinate",
Vendor = "fortinate",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseLogMapping;
import com.pulumi.sumologic.CseLogMappingArgs;
import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
.name("New Log Mapping")
.productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
.recordType("Audit")
.enabled(true)
.relatesEntities(true)
.skippedValues("skipped")
.fields(CseLogMappingFieldArgs.builder()
.name("action")
.value("action")
.valueType("constant")
.skippedValues("-")
.defaultValue("")
.format("JSON")
.caseInsensitive(false)
.alternateValues("altValue")
.timeZone("UTC")
.splitDelimiter(",")
.splitIndex(0)
.fieldJoins("and")
.joinDelimiter("")
.formatParameters("param")
.lookups(CseLogMappingFieldLookupArgs.builder()
.key("tunnel-up")
.value("true")
.build())
.build())
.structuredInputs(CseLogMappingStructuredInputArgs.builder()
.eventIdPattern("vpn")
.logFormat("JSON")
.product("fortinate")
.vendor("fortinate")
.build())
.build());
}
}
resources:
logMapping:
type: sumologic:CseLogMapping
name: log_mapping
properties:
name: New Log Mapping
productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
recordType: Audit
enabled: true
relatesEntities: true
skippedValues:
- skipped
fields:
- name: action
value: action
valueType: constant
skippedValues:
- '-'
defaultValue:
format: JSON
caseInsensitive: false
alternateValues:
- altValue
timeZone: UTC
splitDelimiter: ','
splitIndex: 0
fieldJoins:
- and
joinDelimiter:
formatParameters:
- param
lookups:
- key: tunnel-up
value: 'true'
structuredInputs:
- eventIdPattern: vpn
logFormat: JSON
product: fortinate
vendor: fortinate
Create CseLogMapping Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);@overload
def CseLogMapping(resource_name: str,
args: CseLogMappingArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CseLogMapping(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)
public CseLogMapping(String name, CseLogMappingArgs args)
public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)
type: sumologic:CseLogMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CseLogMappingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cseLogMappingResource = new SumoLogic.CseLogMapping("cseLogMappingResource", new()
{
Enabled = false,
Fields = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldArgs
{
Name = "string",
JoinDelimiter = "string",
CaseInsensitive = false,
FieldJoins = new[]
{
"string",
},
Format = "string",
FormatParameters = new[]
{
"string",
},
AlternateValues = new[]
{
"string",
},
Lookups = new[]
{
new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
{
Key = "string",
Value = "string",
},
},
DefaultValue = "string",
SkippedValues = new[]
{
"string",
},
SplitDelimiter = "string",
SplitIndex = 0,
TimeZone = "string",
Value = "string",
ValueType = "string",
},
},
ProductGuid = "string",
RecordType = "string",
Name = "string",
ParentId = "string",
RelatesEntities = false,
SkippedValues = new[]
{
"string",
},
StructuredInputs = new[]
{
new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
{
EventIdPattern = "string",
LogFormat = "string",
Product = "string",
Vendor = "string",
},
},
UnstructuredFields = new SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs
{
PatternNames = new[]
{
"string",
},
},
});
example, err := sumologic.NewCseLogMapping(ctx, "cseLogMappingResource", &sumologic.CseLogMappingArgs{
Enabled: pulumi.Bool(false),
Fields: sumologic.CseLogMappingFieldArray{
&sumologic.CseLogMappingFieldArgs{
Name: pulumi.String("string"),
JoinDelimiter: pulumi.String("string"),
CaseInsensitive: pulumi.Bool(false),
FieldJoins: pulumi.StringArray{
pulumi.String("string"),
},
Format: pulumi.String("string"),
FormatParameters: pulumi.StringArray{
pulumi.String("string"),
},
AlternateValues: pulumi.StringArray{
pulumi.String("string"),
},
Lookups: sumologic.CseLogMappingFieldLookupArray{
&sumologic.CseLogMappingFieldLookupArgs{
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
DefaultValue: pulumi.String("string"),
SkippedValues: pulumi.StringArray{
pulumi.String("string"),
},
SplitDelimiter: pulumi.String("string"),
SplitIndex: pulumi.Int(0),
TimeZone: pulumi.String("string"),
Value: pulumi.String("string"),
ValueType: pulumi.String("string"),
},
},
ProductGuid: pulumi.String("string"),
RecordType: pulumi.String("string"),
Name: pulumi.String("string"),
ParentId: pulumi.String("string"),
RelatesEntities: pulumi.Bool(false),
SkippedValues: pulumi.StringArray{
pulumi.String("string"),
},
StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
&sumologic.CseLogMappingStructuredInputArgs{
EventIdPattern: pulumi.String("string"),
LogFormat: pulumi.String("string"),
Product: pulumi.String("string"),
Vendor: pulumi.String("string"),
},
},
UnstructuredFields: &sumologic.CseLogMappingUnstructuredFieldsArgs{
PatternNames: pulumi.StringArray{
pulumi.String("string"),
},
},
})
var cseLogMappingResource = new CseLogMapping("cseLogMappingResource", CseLogMappingArgs.builder()
.enabled(false)
.fields(CseLogMappingFieldArgs.builder()
.name("string")
.joinDelimiter("string")
.caseInsensitive(false)
.fieldJoins("string")
.format("string")
.formatParameters("string")
.alternateValues("string")
.lookups(CseLogMappingFieldLookupArgs.builder()
.key("string")
.value("string")
.build())
.defaultValue("string")
.skippedValues("string")
.splitDelimiter("string")
.splitIndex(0)
.timeZone("string")
.value("string")
.valueType("string")
.build())
.productGuid("string")
.recordType("string")
.name("string")
.parentId("string")
.relatesEntities(false)
.skippedValues("string")
.structuredInputs(CseLogMappingStructuredInputArgs.builder()
.eventIdPattern("string")
.logFormat("string")
.product("string")
.vendor("string")
.build())
.unstructuredFields(CseLogMappingUnstructuredFieldsArgs.builder()
.patternNames("string")
.build())
.build());
cse_log_mapping_resource = sumologic.CseLogMapping("cseLogMappingResource",
enabled=False,
fields=[sumologic.CseLogMappingFieldArgs(
name="string",
join_delimiter="string",
case_insensitive=False,
field_joins=["string"],
format="string",
format_parameters=["string"],
alternate_values=["string"],
lookups=[sumologic.CseLogMappingFieldLookupArgs(
key="string",
value="string",
)],
default_value="string",
skipped_values=["string"],
split_delimiter="string",
split_index=0,
time_zone="string",
value="string",
value_type="string",
)],
product_guid="string",
record_type="string",
name="string",
parent_id="string",
relates_entities=False,
skipped_values=["string"],
structured_inputs=[sumologic.CseLogMappingStructuredInputArgs(
event_id_pattern="string",
log_format="string",
product="string",
vendor="string",
)],
unstructured_fields=sumologic.CseLogMappingUnstructuredFieldsArgs(
pattern_names=["string"],
))
const cseLogMappingResource = new sumologic.CseLogMapping("cseLogMappingResource", {
enabled: false,
fields: [{
name: "string",
joinDelimiter: "string",
caseInsensitive: false,
fieldJoins: ["string"],
format: "string",
formatParameters: ["string"],
alternateValues: ["string"],
lookups: [{
key: "string",
value: "string",
}],
defaultValue: "string",
skippedValues: ["string"],
splitDelimiter: "string",
splitIndex: 0,
timeZone: "string",
value: "string",
valueType: "string",
}],
productGuid: "string",
recordType: "string",
name: "string",
parentId: "string",
relatesEntities: false,
skippedValues: ["string"],
structuredInputs: [{
eventIdPattern: "string",
logFormat: "string",
product: "string",
vendor: "string",
}],
unstructuredFields: {
patternNames: ["string"],
},
});
type: sumologic:CseLogMapping
properties:
enabled: false
fields:
- alternateValues:
- string
caseInsensitive: false
defaultValue: string
fieldJoins:
- string
format: string
formatParameters:
- string
joinDelimiter: string
lookups:
- key: string
value: string
name: string
skippedValues:
- string
splitDelimiter: string
splitIndex: 0
timeZone: string
value: string
valueType: string
name: string
parentId: string
productGuid: string
recordType: string
relatesEntities: false
skippedValues:
- string
structuredInputs:
- eventIdPattern: string
logFormat: string
product: string
vendor: string
unstructuredFields:
patternNames:
- string
CseLogMapping Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CseLogMapping resource accepts the following input properties:
- Enabled bool
- Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values List<string> - List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
- Enabled flag.
- Fields
[]Cse
Log Mapping Field Args - List of fields for the new log mapping. See field_schema for details.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values []string - List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields
List<Cse
Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
- Enabled flag.
- fields
Cse
Log Mapping Field[] - List of fields for the new log mapping. See field_schema for details.
- product
Guid string - Product GUID.
- record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name string
- The name of the log mapping.
- parent
Id string - The id of the parent log mapping.
- relates
Entities boolean - Set to true to relate entities.
- skipped
Values string[] - List of skipped values.
- structured
Inputs CseLog Mapping Structured Input[] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
- Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] - List of fields for the new log mapping. See field_schema for details.
- product_
guid str - Product GUID.
- record_
type str - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name str
- The name of the log mapping.
- parent_
id str - The id of the parent log mapping.
- relates_
entities bool - Set to true to relate entities.
- skipped_
values Sequence[str] - List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields List<Property Map>
- List of fields for the new log mapping. See field_schema for details.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<Property Map> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Outputs
All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CseLogMapping Resource
Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
name: Optional[str] = None,
parent_id: Optional[str] = None,
product_guid: Optional[str] = None,
record_type: Optional[str] = None,
relates_entities: Optional[bool] = None,
skipped_values: Optional[Sequence[str]] = None,
structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMappingfunc GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Enabled bool
- Enabled flag.
- Fields
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values List<string> - List of skipped values.
- Structured
Inputs List<Pulumi.Sumo Logic. Inputs. Cse Log Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields Pulumi.Sumo Logic. Inputs. Cse Log Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- Enabled bool
- Enabled flag.
- Fields
[]Cse
Log Mapping Field Args - List of fields for the new log mapping. See field_schema for details.
- Name string
- The name of the log mapping.
- Parent
Id string - The id of the parent log mapping.
- Product
Guid string - Product GUID.
- Record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- Relates
Entities bool - Set to true to relate entities.
- Skipped
Values []string - List of skipped values.
- Structured
Inputs []CseLog Mapping Structured Input Args - List of structured inputs for the new log mapping. See structured_input_schema for details.
- Unstructured
Fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields
List<Cse
Log Mapping Field> - List of fields for the new log mapping. See field_schema for details.
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<CseLog Mapping Structured Input> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled boolean
- Enabled flag.
- fields
Cse
Log Mapping Field[] - List of fields for the new log mapping. See field_schema for details.
- name string
- The name of the log mapping.
- parent
Id string - The id of the parent log mapping.
- product
Guid string - Product GUID.
- record
Type string - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities boolean - Set to true to relate entities.
- skipped
Values string[] - List of skipped values.
- structured
Inputs CseLog Mapping Structured Input[] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields CseLog Mapping Unstructured Fields - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled bool
- Enabled flag.
- fields
Sequence[Cse
Log Mapping Field Args] - List of fields for the new log mapping. See field_schema for details.
- name str
- The name of the log mapping.
- parent_
id str - The id of the parent log mapping.
- product_
guid str - Product GUID.
- record_
type str - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates_
entities bool - Set to true to relate entities.
- skipped_
values Sequence[str] - List of skipped values.
- structured_
inputs Sequence[CseLog Mapping Structured Input Args] - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured_
fields CseLog Mapping Unstructured Fields Args - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
- enabled Boolean
- Enabled flag.
- fields List<Property Map>
- List of fields for the new log mapping. See field_schema for details.
- name String
- The name of the log mapping.
- parent
Id String - The id of the parent log mapping.
- product
Guid String - Product GUID.
- record
Type String - The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
- relates
Entities Boolean - Set to true to relate entities.
- skipped
Values List<String> - List of skipped values.
- structured
Inputs List<Property Map> - List of structured inputs for the new log mapping. See structured_input_schema for details.
- unstructured
Fields Property Map - Unstructured fields for the new log mapping. See unstructured_field_schema for details.
Supporting Types
CseLogMappingField, CseLogMappingFieldArgs
- Name string
- The name of the log mapping.
- Alternate
Values List<string> - Case
Insensitive bool - Default
Value string - Field
Joins List<string> - Format string
- Format
Parameters List<string> - Join
Delimiter string - Lookups
List<Pulumi.
Sumo Logic. Inputs. Cse Log Mapping Field Lookup> - Skipped
Values List<string> - List of skipped values.
- Split
Delimiter string - Split
Index int - Time
Zone string - Value string
- Value
Type string
- Name string
- The name of the log mapping.
- Alternate
Values []string - Case
Insensitive bool - Default
Value string - Field
Joins []string - Format string
- Format
Parameters []string - Join
Delimiter string - Lookups
[]Cse
Log Mapping Field Lookup - Skipped
Values []string - List of skipped values.
- Split
Delimiter string - Split
Index int - Time
Zone string - Value string
- Value
Type string
- name String
- The name of the log mapping.
- alternate
Values List<String> - case
Insensitive Boolean - default
Value String - field
Joins List<String> - format String
- format
Parameters List<String> - join
Delimiter String - lookups
List<Cse
Log Mapping Field Lookup> - skipped
Values List<String> - List of skipped values.
- split
Delimiter String - split
Index Integer - time
Zone String - value String
- value
Type String
- name string
- The name of the log mapping.
- alternate
Values string[] - case
Insensitive boolean - default
Value string - field
Joins string[] - format string
- format
Parameters string[] - join
Delimiter string - lookups
Cse
Log Mapping Field Lookup[] - skipped
Values string[] - List of skipped values.
- split
Delimiter string - split
Index number - time
Zone string - value string
- value
Type string
- name str
- The name of the log mapping.
- alternate_
values Sequence[str] - case_
insensitive bool - default_
value str - field_
joins Sequence[str] - format str
- format_
parameters Sequence[str] - join_
delimiter str - lookups
Sequence[Cse
Log Mapping Field Lookup] - skipped_
values Sequence[str] - List of skipped values.
- split_
delimiter str - split_
index int - time_
zone str - value str
- value_
type str
- name String
- The name of the log mapping.
- alternate
Values List<String> - case
Insensitive Boolean - default
Value String - field
Joins List<String> - format String
- format
Parameters List<String> - join
Delimiter String - lookups List<Property Map>
- skipped
Values List<String> - List of skipped values.
- split
Delimiter String - split
Index Number - time
Zone String - value String
- value
Type String
CseLogMappingFieldLookup, CseLogMappingFieldLookupArgs
CseLogMappingStructuredInput, CseLogMappingStructuredInputArgs
- Event
Id stringPattern - Log
Format string - Product string
- Vendor string
- Event
Id stringPattern - Log
Format string - Product string
- Vendor string
- event
Id StringPattern - log
Format String - product String
- vendor String
- event
Id stringPattern - log
Format string - product string
- vendor string
- event_
id_ strpattern - log_
format str - product str
- vendor str
- event
Id StringPattern - log
Format String - product String
- vendor String
CseLogMappingUnstructuredFields, CseLogMappingUnstructuredFieldsArgs
- Pattern
Names List<string>
- Pattern
Names []string
- pattern
Names List<String>
- pattern
Names string[]
- pattern_
names Sequence[str]
- pattern
Names List<String>
Import
Log Mapping can be imported using the field id, e.g.:
hcl
$ pulumi import sumologic:index/cseLogMapping:CseLogMapping log_mapping id
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Sumo Logic pulumi/pulumi-sumologic
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sumologicTerraform Provider.