Sumo Logic v1.0.7, Apr 11 25

Sumo Logic v1.0.7 published on Friday, Apr 11, 2025 by Pulumi

sumologic.CseLogMapping

Explore with Pulumi AI

Sumo Logic v1.0.7 published on Friday, Apr 11, 2025 by Pulumi

Example Usage

TypeScript
Python
Go
C#
Java
YAML

import * as pulumi from "@pulumi/pulumi";
import * as sumologic from "@pulumi/sumologic";

const logMapping = new sumologic.CseLogMapping("log_mapping", {
    name: "New Log Mapping",
    productGuid: "003d35b3-3ba8-4e93-8776-e5810b4e243e",
    recordType: "Audit",
    enabled: true,
    relatesEntities: true,
    skippedValues: ["skipped"],
    fields: [{
        name: "action",
        value: "action",
        valueType: "constant",
        skippedValues: ["-"],
        defaultValue: "",
        format: "JSON",
        caseInsensitive: false,
        alternateValues: ["altValue"],
        timeZone: "UTC",
        splitDelimiter: ",",
        splitIndex: 0,
        fieldJoins: ["and"],
        joinDelimiter: "",
        formatParameters: ["param"],
        lookups: [{
            key: "tunnel-up",
            value: "true",
        }],
    }],
    structuredInputs: [{
        eventIdPattern: "vpn",
        logFormat: "JSON",
        product: "fortinate",
        vendor: "fortinate",
    }],
});

import pulumi
import pulumi_sumologic as sumologic

log_mapping = sumologic.CseLogMapping("log_mapping",
    name="New Log Mapping",
    product_guid="003d35b3-3ba8-4e93-8776-e5810b4e243e",
    record_type="Audit",
    enabled=True,
    relates_entities=True,
    skipped_values=["skipped"],
    fields=[{
        "name": "action",
        "value": "action",
        "value_type": "constant",
        "skipped_values": ["-"],
        "default_value": "",
        "format": "JSON",
        "case_insensitive": False,
        "alternate_values": ["altValue"],
        "time_zone": "UTC",
        "split_delimiter": ",",
        "split_index": 0,
        "field_joins": ["and"],
        "join_delimiter": "",
        "format_parameters": ["param"],
        "lookups": [{
            "key": "tunnel-up",
            "value": "true",
        }],
    }],
    structured_inputs=[{
        "event_id_pattern": "vpn",
        "log_format": "JSON",
        "product": "fortinate",
        "vendor": "fortinate",
    }])

package main

import (
	"github.com/pulumi/pulumi-sumologic/sdk/go/sumologic"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sumologic.NewCseLogMapping(ctx, "log_mapping", &sumologic.CseLogMappingArgs{
			Name:            pulumi.String("New Log Mapping"),
			ProductGuid:     pulumi.String("003d35b3-3ba8-4e93-8776-e5810b4e243e"),
			RecordType:      pulumi.String("Audit"),
			Enabled:         pulumi.Bool(true),
			RelatesEntities: pulumi.Bool(true),
			SkippedValues: pulumi.StringArray{
				pulumi.String("skipped"),
			},
			Fields: sumologic.CseLogMappingFieldArray{
				&sumologic.CseLogMappingFieldArgs{
					Name:      pulumi.String("action"),
					Value:     pulumi.String("action"),
					ValueType: pulumi.String("constant"),
					SkippedValues: pulumi.StringArray{
						pulumi.String("-"),
					},
					DefaultValue:    pulumi.String(""),
					Format:          pulumi.String("JSON"),
					CaseInsensitive: pulumi.Bool(false),
					AlternateValues: pulumi.StringArray{
						pulumi.String("altValue"),
					},
					TimeZone:       pulumi.String("UTC"),
					SplitDelimiter: pulumi.String(","),
					SplitIndex:     pulumi.Int(0),
					FieldJoins: pulumi.StringArray{
						pulumi.String("and"),
					},
					JoinDelimiter: pulumi.String(""),
					FormatParameters: pulumi.StringArray{
						pulumi.String("param"),
					},
					Lookups: sumologic.CseLogMappingFieldLookupArray{
						&sumologic.CseLogMappingFieldLookupArgs{
							Key:   pulumi.String("tunnel-up"),
							Value: pulumi.String("true"),
						},
					},
				},
			},
			StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
				&sumologic.CseLogMappingStructuredInputArgs{
					EventIdPattern: pulumi.String("vpn"),
					LogFormat:      pulumi.String("JSON"),
					Product:        pulumi.String("fortinate"),
					Vendor:         pulumi.String("fortinate"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using SumoLogic = Pulumi.SumoLogic;

return await Deployment.RunAsync(() => 
{
    var logMapping = new SumoLogic.CseLogMapping("log_mapping", new()
    {
        Name = "New Log Mapping",
        ProductGuid = "003d35b3-3ba8-4e93-8776-e5810b4e243e",
        RecordType = "Audit",
        Enabled = true,
        RelatesEntities = true,
        SkippedValues = new[]
        {
            "skipped",
        },
        Fields = new[]
        {
            new SumoLogic.Inputs.CseLogMappingFieldArgs
            {
                Name = "action",
                Value = "action",
                ValueType = "constant",
                SkippedValues = new[]
                {
                    "-",
                },
                DefaultValue = "",
                Format = "JSON",
                CaseInsensitive = false,
                AlternateValues = new[]
                {
                    "altValue",
                },
                TimeZone = "UTC",
                SplitDelimiter = ",",
                SplitIndex = 0,
                FieldJoins = new[]
                {
                    "and",
                },
                JoinDelimiter = "",
                FormatParameters = new[]
                {
                    "param",
                },
                Lookups = new[]
                {
                    new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                    {
                        Key = "tunnel-up",
                        Value = "true",
                    },
                },
            },
        },
        StructuredInputs = new[]
        {
            new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
            {
                EventIdPattern = "vpn",
                LogFormat = "JSON",
                Product = "fortinate",
                Vendor = "fortinate",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sumologic.CseLogMapping;
import com.pulumi.sumologic.CseLogMappingArgs;
import com.pulumi.sumologic.inputs.CseLogMappingFieldArgs;
import com.pulumi.sumologic.inputs.CseLogMappingStructuredInputArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var logMapping = new CseLogMapping("logMapping", CseLogMappingArgs.builder()
            .name("New Log Mapping")
            .productGuid("003d35b3-3ba8-4e93-8776-e5810b4e243e")
            .recordType("Audit")
            .enabled(true)
            .relatesEntities(true)
            .skippedValues("skipped")
            .fields(CseLogMappingFieldArgs.builder()
                .name("action")
                .value("action")
                .valueType("constant")
                .skippedValues("-")
                .defaultValue("")
                .format("JSON")
                .caseInsensitive(false)
                .alternateValues("altValue")
                .timeZone("UTC")
                .splitDelimiter(",")
                .splitIndex(0)
                .fieldJoins("and")
                .joinDelimiter("")
                .formatParameters("param")
                .lookups(CseLogMappingFieldLookupArgs.builder()
                    .key("tunnel-up")
                    .value("true")
                    .build())
                .build())
            .structuredInputs(CseLogMappingStructuredInputArgs.builder()
                .eventIdPattern("vpn")
                .logFormat("JSON")
                .product("fortinate")
                .vendor("fortinate")
                .build())
            .build());

    }
}

resources:
  logMapping:
    type: sumologic:CseLogMapping
    name: log_mapping
    properties:
      name: New Log Mapping
      productGuid: 003d35b3-3ba8-4e93-8776-e5810b4e243e
      recordType: Audit
      enabled: true
      relatesEntities: true
      skippedValues:
        - skipped
      fields:
        - name: action
          value: action
          valueType: constant
          skippedValues:
            - '-'
          defaultValue: ""
          format: JSON
          caseInsensitive: false
          alternateValues:
            - altValue
          timeZone: UTC
          splitDelimiter: ','
          splitIndex: 0
          fieldJoins:
            - and
          joinDelimiter: ""
          formatParameters:
            - param
          lookups:
            - key: tunnel-up
              value: 'true'
      structuredInputs:
        - eventIdPattern: vpn
          logFormat: JSON
          product: fortinate
          vendor: fortinate

Create CseLogMapping Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

new CseLogMapping(name: string, args: CseLogMappingArgs, opts?: CustomResourceOptions);

@overload
def CseLogMapping(resource_name: str,
                  args: CseLogMappingArgs,
                  opts: Optional[ResourceOptions] = None)

@overload
def CseLogMapping(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  enabled: Optional[bool] = None,
                  fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
                  product_guid: Optional[str] = None,
                  record_type: Optional[str] = None,
                  name: Optional[str] = None,
                  parent_id: Optional[str] = None,
                  relates_entities: Optional[bool] = None,
                  skipped_values: Optional[Sequence[str]] = None,
                  structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
                  unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None)

func NewCseLogMapping(ctx *Context, name string, args CseLogMappingArgs, opts ...ResourceOption) (*CseLogMapping, error)

public CseLogMapping(string name, CseLogMappingArgs args, CustomResourceOptions? opts = null)

public CseLogMapping(String name, CseLogMappingArgs args)
public CseLogMapping(String name, CseLogMappingArgs args, CustomResourceOptions options)

type: sumologic:CseLogMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args CseLogMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args CseLogMappingArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args CseLogMappingArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args CseLogMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args CseLogMappingArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var cseLogMappingResource = new SumoLogic.CseLogMapping("cseLogMappingResource", new()
{
    Enabled = false,
    Fields = new[]
    {
        new SumoLogic.Inputs.CseLogMappingFieldArgs
        {
            Name = "string",
            JoinDelimiter = "string",
            CaseInsensitive = false,
            FieldJoins = new[]
            {
                "string",
            },
            Format = "string",
            FormatParameters = new[]
            {
                "string",
            },
            AlternateValues = new[]
            {
                "string",
            },
            Lookups = new[]
            {
                new SumoLogic.Inputs.CseLogMappingFieldLookupArgs
                {
                    Key = "string",
                    Value = "string",
                },
            },
            DefaultValue = "string",
            SkippedValues = new[]
            {
                "string",
            },
            SplitDelimiter = "string",
            SplitIndex = 0,
            TimeZone = "string",
            Value = "string",
            ValueType = "string",
        },
    },
    ProductGuid = "string",
    RecordType = "string",
    Name = "string",
    ParentId = "string",
    RelatesEntities = false,
    SkippedValues = new[]
    {
        "string",
    },
    StructuredInputs = new[]
    {
        new SumoLogic.Inputs.CseLogMappingStructuredInputArgs
        {
            EventIdPattern = "string",
            LogFormat = "string",
            Product = "string",
            Vendor = "string",
        },
    },
    UnstructuredFields = new SumoLogic.Inputs.CseLogMappingUnstructuredFieldsArgs
    {
        PatternNames = new[]
        {
            "string",
        },
    },
});

example, err := sumologic.NewCseLogMapping(ctx, "cseLogMappingResource", &sumologic.CseLogMappingArgs{
	Enabled: pulumi.Bool(false),
	Fields: sumologic.CseLogMappingFieldArray{
		&sumologic.CseLogMappingFieldArgs{
			Name:            pulumi.String("string"),
			JoinDelimiter:   pulumi.String("string"),
			CaseInsensitive: pulumi.Bool(false),
			FieldJoins: pulumi.StringArray{
				pulumi.String("string"),
			},
			Format: pulumi.String("string"),
			FormatParameters: pulumi.StringArray{
				pulumi.String("string"),
			},
			AlternateValues: pulumi.StringArray{
				pulumi.String("string"),
			},
			Lookups: sumologic.CseLogMappingFieldLookupArray{
				&sumologic.CseLogMappingFieldLookupArgs{
					Key:   pulumi.String("string"),
					Value: pulumi.String("string"),
				},
			},
			DefaultValue: pulumi.String("string"),
			SkippedValues: pulumi.StringArray{
				pulumi.String("string"),
			},
			SplitDelimiter: pulumi.String("string"),
			SplitIndex:     pulumi.Int(0),
			TimeZone:       pulumi.String("string"),
			Value:          pulumi.String("string"),
			ValueType:      pulumi.String("string"),
		},
	},
	ProductGuid:     pulumi.String("string"),
	RecordType:      pulumi.String("string"),
	Name:            pulumi.String("string"),
	ParentId:        pulumi.String("string"),
	RelatesEntities: pulumi.Bool(false),
	SkippedValues: pulumi.StringArray{
		pulumi.String("string"),
	},
	StructuredInputs: sumologic.CseLogMappingStructuredInputArray{
		&sumologic.CseLogMappingStructuredInputArgs{
			EventIdPattern: pulumi.String("string"),
			LogFormat:      pulumi.String("string"),
			Product:        pulumi.String("string"),
			Vendor:         pulumi.String("string"),
		},
	},
	UnstructuredFields: &sumologic.CseLogMappingUnstructuredFieldsArgs{
		PatternNames: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
})

var cseLogMappingResource = new CseLogMapping("cseLogMappingResource", CseLogMappingArgs.builder()
    .enabled(false)
    .fields(CseLogMappingFieldArgs.builder()
        .name("string")
        .joinDelimiter("string")
        .caseInsensitive(false)
        .fieldJoins("string")
        .format("string")
        .formatParameters("string")
        .alternateValues("string")
        .lookups(CseLogMappingFieldLookupArgs.builder()
            .key("string")
            .value("string")
            .build())
        .defaultValue("string")
        .skippedValues("string")
        .splitDelimiter("string")
        .splitIndex(0)
        .timeZone("string")
        .value("string")
        .valueType("string")
        .build())
    .productGuid("string")
    .recordType("string")
    .name("string")
    .parentId("string")
    .relatesEntities(false)
    .skippedValues("string")
    .structuredInputs(CseLogMappingStructuredInputArgs.builder()
        .eventIdPattern("string")
        .logFormat("string")
        .product("string")
        .vendor("string")
        .build())
    .unstructuredFields(CseLogMappingUnstructuredFieldsArgs.builder()
        .patternNames("string")
        .build())
    .build());

cse_log_mapping_resource = sumologic.CseLogMapping("cseLogMappingResource",
    enabled=False,
    fields=[{
        "name": "string",
        "join_delimiter": "string",
        "case_insensitive": False,
        "field_joins": ["string"],
        "format": "string",
        "format_parameters": ["string"],
        "alternate_values": ["string"],
        "lookups": [{
            "key": "string",
            "value": "string",
        }],
        "default_value": "string",
        "skipped_values": ["string"],
        "split_delimiter": "string",
        "split_index": 0,
        "time_zone": "string",
        "value": "string",
        "value_type": "string",
    }],
    product_guid="string",
    record_type="string",
    name="string",
    parent_id="string",
    relates_entities=False,
    skipped_values=["string"],
    structured_inputs=[{
        "event_id_pattern": "string",
        "log_format": "string",
        "product": "string",
        "vendor": "string",
    }],
    unstructured_fields={
        "pattern_names": ["string"],
    })

const cseLogMappingResource = new sumologic.CseLogMapping("cseLogMappingResource", {
    enabled: false,
    fields: [{
        name: "string",
        joinDelimiter: "string",
        caseInsensitive: false,
        fieldJoins: ["string"],
        format: "string",
        formatParameters: ["string"],
        alternateValues: ["string"],
        lookups: [{
            key: "string",
            value: "string",
        }],
        defaultValue: "string",
        skippedValues: ["string"],
        splitDelimiter: "string",
        splitIndex: 0,
        timeZone: "string",
        value: "string",
        valueType: "string",
    }],
    productGuid: "string",
    recordType: "string",
    name: "string",
    parentId: "string",
    relatesEntities: false,
    skippedValues: ["string"],
    structuredInputs: [{
        eventIdPattern: "string",
        logFormat: "string",
        product: "string",
        vendor: "string",
    }],
    unstructuredFields: {
        patternNames: ["string"],
    },
});

type: sumologic:CseLogMapping
properties:
    enabled: false
    fields:
        - alternateValues:
            - string
          caseInsensitive: false
          defaultValue: string
          fieldJoins:
            - string
          format: string
          formatParameters:
            - string
          joinDelimiter: string
          lookups:
            - key: string
              value: string
          name: string
          skippedValues:
            - string
          splitDelimiter: string
          splitIndex: 0
          timeZone: string
          value: string
          valueType: string
    name: string
    parentId: string
    productGuid: string
    recordType: string
    relatesEntities: false
    skippedValues:
        - string
    structuredInputs:
        - eventIdPattern: string
          logFormat: string
          product: string
          vendor: string
    unstructuredFields:
        patternNames:
            - string

CseLogMapping Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The CseLogMapping resource accepts the following input properties:

Enabled bool: Enabled flag.
Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>: List of fields for the new log mapping. See field_schema for details.
ProductGuid string: Product GUID.
RecordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
Name string: The name of the log mapping.
ParentId string: The id of the parent log mapping.
RelatesEntities bool: Set to true to relate entities.
SkippedValues List<string>: List of skipped values.
StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>: List of structured inputs for the new log mapping. See structured_input_schema for details.
UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Enabled bool: Enabled flag.
Fields []CseLogMappingFieldArgs: List of fields for the new log mapping. See field_schema for details.
ProductGuid string: Product GUID.
RecordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
Name string: The name of the log mapping.
ParentId string: The id of the parent log mapping.
RelatesEntities bool: Set to true to relate entities.
SkippedValues []string: List of skipped values.
StructuredInputs []CseLogMappingStructuredInputArgs: List of structured inputs for the new log mapping. See structured_input_schema for details.
UnstructuredFields CseLogMappingUnstructuredFieldsArgs: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean: Enabled flag.
fields List<CseLogMappingField>: List of fields for the new log mapping. See field_schema for details.
productGuid String: Product GUID.
recordType String: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
name String: The name of the log mapping.
parentId String: The id of the parent log mapping.
relatesEntities Boolean: Set to true to relate entities.
skippedValues List<String>: List of skipped values.
structuredInputs List<CseLogMappingStructuredInput>: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled boolean: Enabled flag.
fields CseLogMappingField[]: List of fields for the new log mapping. See field_schema for details.
productGuid string: Product GUID.
recordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
name string: The name of the log mapping.
parentId string: The id of the parent log mapping.
relatesEntities boolean: Set to true to relate entities.
skippedValues string[]: List of skipped values.
structuredInputs CseLogMappingStructuredInput[]: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled bool: Enabled flag.
fields Sequence[CseLogMappingFieldArgs]: List of fields for the new log mapping. See field_schema for details.
product_guid str: Product GUID.
record_type str: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
name str: The name of the log mapping.
parent_id str: The id of the parent log mapping.
relates_entities bool: Set to true to relate entities.
skipped_values Sequence[str]: List of skipped values.
structured_inputs Sequence[CseLogMappingStructuredInputArgs]: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructured_fields CseLogMappingUnstructuredFieldsArgs: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean: Enabled flag.
fields List<Property Map>: List of fields for the new log mapping. See field_schema for details.
productGuid String: Product GUID.
recordType String: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
name String: The name of the log mapping.
parentId String: The id of the parent log mapping.
relatesEntities Boolean: Set to true to relate entities.
skippedValues List<String>: List of skipped values.
structuredInputs List<Property Map>: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields Property Map: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Outputs

All input properties are implicitly available as output properties. Additionally, the CseLogMapping resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing CseLogMapping Resource

Get an existing CseLogMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: CseLogMappingState, opts?: CustomResourceOptions): CseLogMapping

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        enabled: Optional[bool] = None,
        fields: Optional[Sequence[CseLogMappingFieldArgs]] = None,
        name: Optional[str] = None,
        parent_id: Optional[str] = None,
        product_guid: Optional[str] = None,
        record_type: Optional[str] = None,
        relates_entities: Optional[bool] = None,
        skipped_values: Optional[Sequence[str]] = None,
        structured_inputs: Optional[Sequence[CseLogMappingStructuredInputArgs]] = None,
        unstructured_fields: Optional[CseLogMappingUnstructuredFieldsArgs] = None) -> CseLogMapping

func GetCseLogMapping(ctx *Context, name string, id IDInput, state *CseLogMappingState, opts ...ResourceOption) (*CseLogMapping, error)

public static CseLogMapping Get(string name, Input<string> id, CseLogMappingState? state, CustomResourceOptions? opts = null)

public static CseLogMapping get(String name, Output<String> id, CseLogMappingState state, CustomResourceOptions options)

resources:  _:    type: sumologic:CseLogMapping    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Enabled bool: Enabled flag.
Fields List<Pulumi.SumoLogic.Inputs.CseLogMappingField>: List of fields for the new log mapping. See field_schema for details.
Name string: The name of the log mapping.
ParentId string: The id of the parent log mapping.
ProductGuid string: Product GUID.
RecordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
RelatesEntities bool: Set to true to relate entities.
SkippedValues List<string>: List of skipped values.
StructuredInputs List<Pulumi.SumoLogic.Inputs.CseLogMappingStructuredInput>: List of structured inputs for the new log mapping. See structured_input_schema for details.
UnstructuredFields Pulumi.SumoLogic.Inputs.CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Enabled bool: Enabled flag.
Fields []CseLogMappingFieldArgs: List of fields for the new log mapping. See field_schema for details.
Name string: The name of the log mapping.
ParentId string: The id of the parent log mapping.
ProductGuid string: Product GUID.
RecordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
RelatesEntities bool: Set to true to relate entities.
SkippedValues []string: List of skipped values.
StructuredInputs []CseLogMappingStructuredInputArgs: List of structured inputs for the new log mapping. See structured_input_schema for details.
UnstructuredFields CseLogMappingUnstructuredFieldsArgs: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean: Enabled flag.
fields List<CseLogMappingField>: List of fields for the new log mapping. See field_schema for details.
name String: The name of the log mapping.
parentId String: The id of the parent log mapping.
productGuid String: Product GUID.
recordType String: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
relatesEntities Boolean: Set to true to relate entities.
skippedValues List<String>: List of skipped values.
structuredInputs List<CseLogMappingStructuredInput>: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled boolean: Enabled flag.
fields CseLogMappingField[]: List of fields for the new log mapping. See field_schema for details.
name string: The name of the log mapping.
parentId string: The id of the parent log mapping.
productGuid string: Product GUID.
recordType string: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
relatesEntities boolean: Set to true to relate entities.
skippedValues string[]: List of skipped values.
structuredInputs CseLogMappingStructuredInput[]: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields CseLogMappingUnstructuredFields: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled bool: Enabled flag.
fields Sequence[CseLogMappingFieldArgs]: List of fields for the new log mapping. See field_schema for details.
name str: The name of the log mapping.
parent_id str: The id of the parent log mapping.
product_guid str: Product GUID.
record_type str: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
relates_entities bool: Set to true to relate entities.
skipped_values Sequence[str]: List of skipped values.
structured_inputs Sequence[CseLogMappingStructuredInputArgs]: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructured_fields CseLogMappingUnstructuredFieldsArgs: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

enabled Boolean: Enabled flag.
fields List<Property Map>: List of fields for the new log mapping. See field_schema for details.
name String: The name of the log mapping.
parentId String: The id of the parent log mapping.
productGuid String: Product GUID.
recordType String: The record type to be created. (possible values: Audit, AuditChange, AuditFile, AuditResourceAccess, Authentication, AuthenticationPrivilegeEscalation, Canary, Email, Endpoint, EndpointModuleLoad, EndpointProcess, Network, NetworkDHCP, NetworkDNS, NetworkFlow, NetworkHTTP, NetworkProxy, Notification, NotificationVulnerability)
relatesEntities Boolean: Set to true to relate entities.
skippedValues List<String>: List of skipped values.
structuredInputs List<Property Map>: List of structured inputs for the new log mapping. See structured_input_schema for details.
unstructuredFields Property Map: Unstructured fields for the new log mapping. See unstructured_field_schema for details.

Supporting Types

CseLogMappingField
, CseLogMappingFieldArgs

Name string: The name of the log mapping.
AlternateValues List<string>: List of alternate values.
CaseInsensitive bool: Case insensitive flag.
DefaultValue string: Default value of the field.
FieldJoins List<string>: List of field join values.
Format string: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
FormatParameters List<string>: List of format parameters.
JoinDelimiter string: Join delimiter.
Lookups List<Pulumi.SumoLogic.Inputs.CseLogMappingFieldLookup>: List of lookup key value pair for field. See lookup_schema for details.
SkippedValues List<string>: List of skipped values.
SplitDelimiter string: Split delimiter to be used. (some example: ",", "-", "|")
SplitIndex int: The index value to select (starting at zero)
TimeZone string: Time zone.
Value string: Lookup value.
ValueType string: The value type.

Name string: The name of the log mapping.
AlternateValues []string: List of alternate values.
CaseInsensitive bool: Case insensitive flag.
DefaultValue string: Default value of the field.
FieldJoins []string: List of field join values.
Format string: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
FormatParameters []string: List of format parameters.
JoinDelimiter string: Join delimiter.
Lookups []CseLogMappingFieldLookup: List of lookup key value pair for field. See lookup_schema for details.
SkippedValues []string: List of skipped values.
SplitDelimiter string: Split delimiter to be used. (some example: ",", "-", "|")
SplitIndex int: The index value to select (starting at zero)
TimeZone string: Time zone.
Value string: Lookup value.
ValueType string: The value type.

name String: The name of the log mapping.
alternateValues List<String>: List of alternate values.
caseInsensitive Boolean: Case insensitive flag.
defaultValue String: Default value of the field.
fieldJoins List<String>: List of field join values.
format String: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
formatParameters List<String>: List of format parameters.
joinDelimiter String: Join delimiter.
lookups List<CseLogMappingFieldLookup>: List of lookup key value pair for field. See lookup_schema for details.
skippedValues List<String>: List of skipped values.
splitDelimiter String: Split delimiter to be used. (some example: ",", "-", "|")
splitIndex Integer: The index value to select (starting at zero)
timeZone String: Time zone.
value String: Lookup value.
valueType String: The value type.

name string: The name of the log mapping.
alternateValues string[]: List of alternate values.
caseInsensitive boolean: Case insensitive flag.
defaultValue string: Default value of the field.
fieldJoins string[]: List of field join values.
format string: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
formatParameters string[]: List of format parameters.
joinDelimiter string: Join delimiter.
lookups CseLogMappingFieldLookup[]: List of lookup key value pair for field. See lookup_schema for details.
skippedValues string[]: List of skipped values.
splitDelimiter string: Split delimiter to be used. (some example: ",", "-", "|")
splitIndex number: The index value to select (starting at zero)
timeZone string: Time zone.
value string: Lookup value.
valueType string: The value type.

name str: The name of the log mapping.
alternate_values Sequence[str]: List of alternate values.
case_insensitive bool: Case insensitive flag.
default_value str: Default value of the field.
field_joins Sequence[str]: List of field join values.
format str: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
format_parameters Sequence[str]: List of format parameters.
join_delimiter str: Join delimiter.
lookups Sequence[CseLogMappingFieldLookup]: List of lookup key value pair for field. See lookup_schema for details.
skipped_values Sequence[str]: List of skipped values.
split_delimiter str: Split delimiter to be used. (some example: ",", "-", "|")
split_index int: The index value to select (starting at zero)
time_zone str: Time zone.
value str: Lookup value.
value_type str: The value type.

name String: The name of the log mapping.
alternateValues List<String>: List of alternate values.
caseInsensitive Boolean: Case insensitive flag.
defaultValue String: Default value of the field.
fieldJoins List<String>: List of field join values.
format String: Format of the field. (JSON, Windows, Syslog, CEF, LEEF )
formatParameters List<String>: List of format parameters.
joinDelimiter String: Join delimiter.
lookups List<Property Map>: List of lookup key value pair for field. See lookup_schema for details.
skippedValues List<String>: List of skipped values.
splitDelimiter String: Split delimiter to be used. (some example: ",", "-", "|")
splitIndex Number: The index value to select (starting at zero)
timeZone String: Time zone.
value String: Lookup value.
valueType String: The value type.

CseLogMappingFieldLookup
, CseLogMappingFieldLookupArgs

Key string: Lookup key.
Value string: Lookup value.

Key string: Lookup key.
Value string: Lookup value.

key String: Lookup key.
value String: Lookup value.

key string: Lookup key.
value string: Lookup value.

key str: Lookup key.
value str: Lookup value.

key String: Lookup key.
value String: Lookup value.

CseLogMappingStructuredInput
, CseLogMappingStructuredInputArgs

EventIdPattern string: Event id pattern.
LogFormat string: Log format. (JSON, Windows, Syslog, CEF, LEEF )
Product string: Product name.
Vendor string: Vendor name.

EventIdPattern string: Event id pattern.
LogFormat string: Log format. (JSON, Windows, Syslog, CEF, LEEF )
Product string: Product name.
Vendor string: Vendor name.

eventIdPattern String: Event id pattern.
logFormat String: Log format. (JSON, Windows, Syslog, CEF, LEEF )
product String: Product name.
vendor String: Vendor name.

eventIdPattern string: Event id pattern.
logFormat string: Log format. (JSON, Windows, Syslog, CEF, LEEF )
product string: Product name.
vendor string: Vendor name.

event_id_pattern str: Event id pattern.
log_format str: Log format. (JSON, Windows, Syslog, CEF, LEEF )
product str: Product name.
vendor str: Vendor name.

eventIdPattern String: Event id pattern.
logFormat String: Log format. (JSON, Windows, Syslog, CEF, LEEF )
product String: Product name.
vendor String: Vendor name.